Client Auth via PKI

From Tech-Wiki
Revision as of 16:57, 20 May 2019 by Fabricio.Lima (Talk | contribs) (Created page with "Category:F5 Networks '''Back to iRules''' # add datagroup CertificateCA #String: DigiCert Server CA #Value: www.domain.com when CLIENTSSL_CLIEN...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Back to iRules 

# add datagroup CertificateCA
#String: DigiCert Server CA
#Value: www.domain.com
when CLIENTSSL_CLIENTCERT {

set SubCN [findstr [X509::subject [SSL::cert 0]] "CN=" 3 ","] set IssCN [findstr [X509::issuer [SSL::cert 0]] "CN=" 3 ","] if {[class match $IssCN equals CertificateCA]}{ set name [class match -value $IssCN equals CertificateCA] if {$name ne ""} { if { $name eq $SubCN } { } else { reject } } else { reject } 

   } else {

} 

}
Retrieved from ‘http://tech-wiki.net/index.php?title=Client_Auth_via_PKI&oldid=1322