For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jason_Jernigan_'s avatar
Jason_Jernigan_
Icon for Nimbostratus rankNimbostratus
Mar 06, 2006

Client SSL Insert

I've got a site using client SSL cert inserted to the header for authentication with the backend web server. The irule is as follows.     when CLIENTSSL_CLIENTCERT {   if { [SSL::cert cou...
application delivery
dev
devops
iRules
Michael_Voight_'s avatar
Michael_Voight_
Historic F5 Account
Mar 17, 2006
CR56247 is included in 9.1.1 (as noted in the CR, "Fixed in 9.1.1.54.0". This is the released 9.1.1)

 

 

CR26247 also seems to be an issue with the response being NOT FOUND, which doesn't seem to match this problem

 

 

I own the subcase for this customer and it looks like the problem is related to the parsing of the expression.

 

It looks like the Session ID is being interpreted as a command.

 

 

Mar 16 14:23:47 tmm tmm[778]: 01220001:3: TCL error: Rule

 

Cert_Update_Incert_log - invalid command name

 

"99f96f36f6ef44a696e8bc06af9a9ea15846f1c703d755323d428e38b6718a85" while

 

executing "[SSL::sessionid] any"