Manual Chapter :
Integrating C3D with SSL Orchestrator
Applies To:
Show VersionsF5 SSL Orchestrator
- 17.1.0
Integrating C3D with SSL Orchestrator
- Create a client SSL profile in LTM withClient Certificate Constrained Delegationenabled.
- Create a server SSL profile in LTM withClient Certificate Constrained Delegationenabled.
For more information, refer Configuring Client Certificate Constrained
Delegation (C3D) (f5.com)
Starting 11.0, you can integrate Client Certificate Constrained Delegation (C3D) SSL
profiles in SSL Orchestrator from the user interface. The C3D SSL profiles are
listed in the
Protocol Settings
section of the Interception Rules
tab.
You can replace the client and server SSL profiles created by SSL Orchestrator, with
C3D SSL profiles in the Interception Rules
tab of an inbound topology (for
both Gateway mode and Application mode). Perform the following steps to integrate C3D with SSL Orchestrator:
- Deploy an inbound topology.
- Select the inbound topology, and then click theInterception Rulestab.
- In theProtocol Settingssection, remove the default SSL client and server profiles (created by SSL Orchestrator), and then add the C3D client and server profiles from the lists.
- ClickDeploy.