For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

IRONMAN's avatar
IRONMAN
Icon for Cirrostratus rankCirrostratus
Sep 14, 2019

Client SSL Authentication info need to send back server, in HTTP header?

Any one guide me here, I am having requirement to send the below headers to back-end servers with HTTP header, ! Client profile i am creating for Client Authentication with Request: method.! Ser...
application delivery
iRules
LTM
security
IRONMAN's avatar
IRONMAN
Icon for Cirrostratus rankCirrostratus
Sep 16, 2019

Please let me know, should i add below for set the $clientCertHash value from SSL?

 

 

if {$field starts_with "CN="} {

        set clientCommonName [getfield $field "=" 2]

      }

Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Sep 16, 2019

You should use it for clientCommonName (X-SSL-Client-CN)

# for X-SSL-Client-CN

set clientCertSubject [X509::subject [SSL::cert 0]]
foreach field [ split $clientCertSubject ","] {
    if {$field starts_with "CN="} {
        set clientCommonName [getfield $field "=" 2]
    }
}

# for X-SSL-Client-SHA1

set clientCertHash [X509::hash [SSL::cert 0]]