Jump to content
Welcome to our new Citrix community!

mTLS Client Authentication on ADC

Kiran Malla

Recommended Posts

Hi Team, We would like to configure mTLS Client Authentication mandatory on Citrix Netscaler ADC. I would like to understand the following points in detail for testing it on my Netscaler. 

Purpose: One of our client will access our API calls directly over internet, so we would like to configure the Client Authentication mandatory. When the client certificate is present on the client machines then the SSL Handshake should success other wise the Netscaler should drop. 


1. How to configure CSR certificate and the prerequisites to generate CSR. 

2. How to configure Client certificate and the pre requisites to generate the Client certificate.

3. How to apply the mTLS only to specific API calls not to all the API present in Citrix Netscaler. 


For reference:

Presented two API calls on Netscaler.

1. HTTP.REQ.HOSTNAME.EQ("mtls.domian.com") && HTTP.REQ.URL.PATH.STARTSWITH("/123PROOPS/") --> Apply the mTLS client authentication mandatory to this API. 
2.HTTP.REQ.HOSTNAME.EQ("mtls.domain.com") && HTTP.REQ.URL.PATH.STARTSWITH("/123PROCSA/") --> It should apply to this API call. 


Appreciate your quick help on the solution. 



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...