Forum Discussion

Nimbostratus

Mar 06, 2006

Client SSL Insert

I've got a site using client SSL cert inserted to the header for authentication with the backend web server. The irule is as follows. when CLIENTSSL_CLIENTCERT { if { [SSL::cert cou...

Nimbostratus

Mar 06, 2006

Ok I changed the code to this:

when CLIENTSSL_CLIENTCERT {

log "begining"

log "ssl cert count = + [SSL::cert count]"

if { [SSL::cert count] > 0 } {

session add ssl [SSL::sessionid] [X509::cert_fields [SSL::cert 0] [SSL::verify_result] whole] 450

log "session ID: + [SSL::sessionid] + [X509::cert_fields [SSL::cert 0] [SSL::verify_result] whole]"

log "certfields lookup = [session lookup ssl {[SSL::sessionid] any}]"

}

when HTTP_REQUEST {

log "http_request sessionid= + [SSL::sessionid]"

set certfields [session lookup ssl {[SSL::sessionid] any}]

log "certfields before if + $certfields"

if { $certfields != "" } {

HTTP::header insert $certfields

}

log "Ending"

}

But it appears that something is off becuase now none of the lookups are working. Including the log statement immediatly following the session add. Your help is greatly appreciated. Please see logs attached.

Thanks,

Jason

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)