Forum Discussion

Cirrostratus

Sep 14, 2019

Client SSL Authentication info need to send back server, in HTTP header?

Any one guide me here, I am having requirement to send the below headers to back-end servers with HTTP header, ! Client profile i am creating for Client Authentication with Request: method.! Ser...

Cirrostratus

Please let me know, should i add below for set the $clientCertHash value from SSL?

if {$field starts_with "CN="} {

set clientCommonName [getfield $field "=" 2]

}

Enes_Afsin_Al

MVP

Sep 16, 2019

You should use it for clientCommonName (X-SSL-Client-CN)

# for X-SSL-Client-CN

set clientCertSubject [X509::subject [SSL::cert 0]]
foreach field [ split $clientCertSubject ","] {
    if {$field starts_with "CN="} {
        set clientCommonName [getfield $field "=" 2]
    }
}

# for X-SSL-Client-SHA1

set clientCertHash [X509::hash [SSL::cert 0]]

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Client SSL Authentication info need to send back server, in HTTP header?

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

header substr

Selective mutual authentication by HTTP::Host

Custom Header Monitor UDP

401 unauthorized return if header doesn't match

Authentication via Azure AD blocked by Access policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS