Forum Discussion

Cirrus

Mar 25, 2022

Binary analysis of client certificate

Hello all, For some reason, I am currently looking for a way to inspect SSL Client certificate during authentication on a LTM without a SSL profile. The ultimate goal is to be able to filtrate/lo...

application delivery

security

CA_Valli

MVP

Mar 25, 2022

Hello, I've made something similar last year to extract a specific SSL extension (Type 0, SNI) and log it in ASCII format. It uses SSL:: iRule commands, and a procedure to convert HEX to ASCII.

I attached code to this message. You might want to tune it.

ssl-log-irule.zip1 KB

CA_Valli
MVP
Mar 25, 2022
Hi - Sorry, iRule is not complete, use _v2 instead. I got confused between my files.
ssl-log-irule_v2.zip1 KB

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Binary analysis of client certificate

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Automating Certificate Management on F5 BIG-IP

Advanced iRules: Binary Scan

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

Dyre Malware Analysis

How to Setup Shape Log Analysis in Fastly

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS