Soap_111722
Oct 27, 2015Nimbostratus
CertChk + Redirect
Looking for an iRule to use that will check for a specific machine CERT and if not found redirect to a custom URL. Any help is appreciated it. Thank you.
Looking for an iRule to use that will check for a specific machine CERT and if not found redirect to a custom URL. Any help is appreciated it. Thank you.
Something like this could do the trick. You may have to tweak to your needs. You will also need to set your client auth in your client SSL profile to request.
https://devcentral.f5.com/wiki/iRules.X509__subject.ashx
https://devcentral.f5.com/wiki/iRules.SSL__cert.ashx
when HTTP_REQUEST {
if {[SSL::cert count] > 0}{
set cert_subject [X509::subject [SSL::cert 0]]
if {$cert_subject equals "CN..."}{
return
}
else {
if cert doesn't contain required subject, redirect
HTTP::respond 302 noserver Location "https://someurl"
}
}
else {
if no cert presented, redirect
HTTP::respond 302 noserver Location "https://someurl"
}
}
Something like this could do the trick. You may have to tweak to your needs. You will also need to set your client auth in your client SSL profile to request.
https://devcentral.f5.com/wiki/iRules.X509__subject.ashx
https://devcentral.f5.com/wiki/iRules.SSL__cert.ashx
when HTTP_REQUEST {
if {[SSL::cert count] > 0}{
set cert_subject [X509::subject [SSL::cert 0]]
if {$cert_subject equals "CN..."}{
return
}
else {
if cert doesn't contain required subject, redirect
HTTP::respond 302 noserver Location "https://someurl"
}
}
else {
if no cert presented, redirect
HTTP::respond 302 noserver Location "https://someurl"
}
}