Forum Discussion

Altostratus

Apr 18, 2023

Best way to pass http header by iRule containing Client TLS information

Hi All,

We are planning to identify TLS connection information from clients. ie: TLS version, CIPHER suits

How can we trap and pass through this client information via HTTP header so application team can analyse.

Thanks.

Hi Moinul_Rony,

when HTTP_REQUEST {
	HTTP::header insert X-Forwarded-TLSVersion [SSL::cipher version]
	HTTP::header insert X-Forwarded-CipherName [SSL::cipher name]
	HTTP::header insert X-Forwarded-CipherBits [SSL::cipher bits]
}

Enes_Afsin_Al
MVP
Apr 18, 2023
Hi Moinul_Rony,

when HTTP_REQUEST { HTTP::header insert X-Forwarded-TLSVersion [SSL::cipher version] HTTP::header insert X-Forwarded-CipherName [SSL::cipher name] HTTP::header insert X-Forwarded-CipherBits [SSL::cipher bits] }
- Moinul_Rony
  Altostratus
  Apr 18, 2023
  Thansk Enes_Afsin_Al ,
  
  Do you happen to have the full list of [SSL::Options?
  - Enes_Afsin_Al
    MVP
    Apr 18, 2023
    SSL::cipher name SSL::cipher version SSL::cipher bits
    
    These are the values that can be used for SSL::cipher.
    https://clouddocs.f5.com/api/irules/SSL__cipher.html
    
    You can view all SSL:: commands from the link.
    https://clouddocs.f5.com/api/irules/SSL.html