Forum Discussion

Cirrus

Mar 25, 2022

Binary analysis of client certificate

Hello all, For some reason, I am currently looking for a way to inspect SSL Client certificate during authentication on a LTM without a SSL profile. The ultimate goal is to be able to filtrate/lo...

application delivery

security

CA_Valli

MVP

Mar 25, 2022

Hello, I've made something similar last year to extract a specific SSL extension (Type 0, SNI) and log it in ASCII format. It uses SSL:: iRule commands, and a procedure to convert HEX to ASCII.

I attached code to this message. You might want to tune it.

ssl-log-irule.zip1 KB

CA_Valli
MVP
Mar 25, 2022
Hi - Sorry, iRule is not complete, use _v2 instead. I got confused between my files.
ssl-log-irule_v2.zip1 KB

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Binary analysis of client certificate

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Post-Breach Analysis: Sophistication and Visibility

Advanced iRules: Binary Scan

How to Setup Shape Log Analysis in Fastly

Packet Analysis with Scapy and tcpdump: Checking Compatibility with F5 SSL Orchestrator

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS