Solution6: LTM & APM - Client Certificate to Single Domain kerberos SSO

This solution documents all the necessary pieces required to create an APM policy that prompts the user for their certificate then performs kerberos SSO to an application.

Keywords: certificate, ad, active, directory, kerberos, sso

DC: single, multi

URL

Note

The link below only works from the UDF blueprint

https://solution6.acme.com

Configuration Comments



UDF Deployment Models

BIG-IP Version

Blueprint Version

15.1

5

BIG-IP Components used

  • Virtual Server

    • HTTP Profile

    • Client-side SSL Profile

    • Access Profile

      • AAA LDAP AAA Servers

      • AAA OCSP Responder Servers

      • Kerberos SSO