2019F5DevCentra
Dec 05, 2019Cirrus
Client Cert validation
Trying to understand the Logistics here in KB Article - https://clouddocs.f5.com/api/irules/ClientCertificateCNChecking.html #Example Subject DN: /C=AU/ST=NSW/L=Syd/O=Your Organisation/O...
- Dec 06, 2019
when CLIENTSSL_CLIENTCERT { set s_dn [X509::subject [SSL::cert 0]] set s_serial [X509::serial_number [SSL::cert 0]] log local0. "Client Certificate Received: $s_dn" if { $s_dn != "" }{ if { ([matchclass $s_serial contains DatagroupS]) } { #Accept the client cert log local0. "Client Certificate Accepted: $s_serial" } else { reject log local0. "Failed Cert Auth - No Certificate" } } else { reject } }
Try this, it should work 🙂