When the Client Certificate authentication method is used on the appliance, use of this method can be initiated by the Cookie Authentication (for X509 Authentication) rule set.
We recommend that you insert this rule set after the rules sets for functions that do not require authentication, but before the rule sets that handle the filtering functions.
This ensures the filtering functions are not executed when a request is blocked because authentication failed, which saves resources and improves performance.
If your rule set system is similar to the default system, you can insert the rule set after the SSL Scanner and Global Whitelist rule sets, but before the Content Filtering and Gateway Antimalware rule sets.
- Select Policy | Rule Sets.
- On the rule sets tree, navigate to the position where you want to insert the rule set and click Add.
- Click Top Level Rule Set, then click Import Rule Set from Library.
The Add from Rule Set Library window opens.
- Select the Cookie Authentication (for X509 Authentication) rule set and click OK.
If conflicts arise from the import, they are displayed next to the list of rule sets. Follow one of the suggested procedures for solving them before clicking OK.
The rule set is inserted with its nested rule sets in the rule sets tree.