Certificate Logging via iRule

Question

Certificate Logging via iRule - &nbsp;I think I'm missing something pretty simple.  My goal is to log the CN, Subject, Serial# of all Client's hitting my VIP. Is there a way to accomplish this without turning on "Require" Mode under Client Authentication via the SSL Profile.  I can't seem to find a Wiki Article around this.&nbsp;Thanks,&nbsp;

hamish · Answer

Sorry, your question feels a bit ambiguous.

Do you wish to log the SERVER side certificate information? or the CLIENT side certificate information?

If you wish to log the CLIENT side, then you'll have to REQUIRE a client cert. Because otherwise you have no guarantee that there will be one to log.

2019f5devcentra · Answer

Yes, I was trying to request the certificate details via CLIENT side. I wasn't sure if the only way to snatch this data up was to "REQUIRE" or "REQUEST" it via the SSL Profile option. I had thought there would be a way to grab this data in another method without having to allow it.

Is there a way to grab the Server Side Certificate via iRule without the SSL Profile option selected?

Thanks,

Forum Discussion

Certificate Logging via iRule

Recent Discussions

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

Related Content

Performance Logging iRule (Rule_http_log)

Help F5 Transform the BIG-IP Administrator Certification

Re: Management Certificate

irule logging question

F5 Certified Administrator NGINX certification now available!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS