Hi,
you can try the following:
In the TLS Server Profile set "Request client authentication" = "on", "Require client authentication" = "off" and "Validate client certificate" = "off".
Then drag an AAA action to the processing policy flow and set authentication to "Validate TLS certificate from connection peer" and select the correct validation credential config from the drop-down menu. Now you should be able to catch the certificate errors using an error rule and create a custom error response back to the consumers.
------------------------------
Hermanni Pernaa
------------------------------
Original Message:
Sent: Fri April 23, 2021 05:57 AM
From: Joacim Dahlblom
Subject: Error message when not presenting client certificate for mTLS
Hi,
We have a service that uses mTLS and requires client authentication.
It seems to me that when a client doesn't present a client certificate you don't get any HTTP code in return.
We have this customer that needs to get a 403 (Missing client certificate) in return.
Is that possible?
Thanks in advance
Jocke D
------------------------------
Joacim Dahlblom
------------------------------
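
The approach in the reply above, shown as an added example in plain Node.js (not DataPower configuration and not code from either poster): the TLS layer requests a client certificate without requiring it, so the handshake completes and the application can answer with an HTTP 403. The function names, the `material` object and the response texts are assumptions made for this illustration.

```javascript
// TLS options mirroring the reply: ask for a client certificate, but do not
// abort the handshake when it is missing or fails validation.
// `material` (hypothetical) holds PEM strings: key, cert, clientCa.
function tlsOptions(material) {
  return {
    key: material.key,
    cert: material.cert,
    ca: material.clientCa,      // CA(s) trusted to issue client certificates
    requestCert: true,          // request client authentication
    rejectUnauthorized: false,  // do not require or enforce it in the handshake
  };
}

// Application-layer check, the role the AAA action and error rule play.
// `socket` is the request's TLSSocket (req.socket).
function checkClientCert(socket) {
  const peer = socket.getPeerCertificate();
  // Node returns an empty object when the peer sent no certificate.
  if (!peer || Object.keys(peer).length === 0) {
    return { status: 403, body: 'Missing client certificate', reason: 'NO_CERT' };
  }
  if (!socket.authorized) {
    // Keep the validation detail for server-side logs, not for the client.
    return { status: 403, body: 'Invalid client certificate',
             reason: String(socket.authorizationError) };
  }
  return { status: 200, body: 'OK', reason: null };
}

function startServer(material, port) {
  const https = require('node:https');
  return https.createServer(tlsOptions(material), (req, res) => {
    // Every request must pass this check: the handshake no longer enforces it.
    const verdict = checkClientCert(req.socket);
    if (verdict.reason) console.warn('client cert rejected:', verdict.reason);
    res.writeHead(verdict.status, { 'Content-Type': 'text/plain' });
    res.end(verdict.body + '\n');
  }).listen(port);
}
```

Because the handshake now accepts connections without a valid certificate, the check has to run on every route that previously relied on mTLS.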