IBM Verify

 View Only

Help for intergration WebSEAL behind an external WAF (imperva)

  • 1.  Help for intergration WebSEAL behind an external WAF (imperva)

    Posted Fri January 10, 2025 11:33 AM

    Hello experts from IBM, I am currently deploying the iam system using the webseal component version 10.0.7, the integration model is as follows:
    end-user ---https---> LB (F5-Big IP) ---(ssl)---> WAF (Imperva)---(https)----> Webseal reverse proxy ---(https)---> Backend app
    After configuring, when the user logs in to the url: https://iam.mydomain.com, an error is reported, unable to connect, checking the request log of the webseal reverse proxy, there is an error as follows:
    DPWIV1227W Webseal could not establish a secure connection with an incoming client. if client certificate authentication is not enabled check the webseal server certificate (function call: gsk_secure_soc_init; failed error: 0x19a GSK_ERROR_BAD_REQUEST_MESSAGE; 10.10.1.1 <ip of waf>)
    we installed cert on both LB & WAF same as a cert in webseal.
    my isva using version 10.0.7.
    We look forward to receiving everyone's help and advice on this usecase. thank you very much.



    ------------------------------
    tuan dung duong
    ------------------------------