Forum Discussion

Cirrostratus

Dec 21, 2016

Client Certificate sr number validation - irule

Hi I have a virtual server which has a client ssl profile to validate the client certificate (require), as an additional security, we want to allow a client with a specific serial number only to co...

Nimbostratus

Dec 21, 2016

Your test is for "00:f3:f8:d0:2b:87:42:a1:05:4f:27:5f:dc:2c:41:66:c6", but the log indicates that the system pulled "f3:f8:d0:2b:87:42:a1:05:4f:27:5f:dc:2c:41:66:c6". Note that the BIG-IP will strip leading zeroes when using X509::serial_number - actually a function of underlying OpenSSL returning the value (see ).

Need to change your iRule to remove the leading zeroes.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client Certificate sr number validation - irule

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Problem with sending BotDefense logs to remote server

ASM/AWAF declarative policy

Related Content

Deploying the F5 AI Security Certified OpenShift Operator: A Validated Playbook

Automating Certificate Management on F5 BIG-IP

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

Automating ACMEv2 Certificate Management on BIG-IP

BIG-IQ Client Certificate (PKI) Authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS