e.g.
[root@iris:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.17.33:https
ip protocol tcp
rules myrule
profiles {
myclientssl {
clientside
}
tcp {}
}
}
[root@iris:Active] config b rule myrule list
rule myrule {
when CLIENTSSL_CLIENTCERT {
log local0. "[X509::subject [SSL::cert 0]]"
log local0. "[string tolower [X509::subject [SSL::cert 0]]]"
}
}
[root@iris:Active] config curl -Ik https://172.28.17.33/ --cert /var/tmp/ca/client.crt --key /var/tmp/ca/client.key
HTTP/1.1 200 OK
Date: Wed, 02 Nov 2011 03:56:20 GMT
Server: Apache/2.0.59 (rPath)
Last-Modified: Sat, 11 Jun 2011 00:31:47 GMT
ETag: "667a-67-cfb682c0"
Accept-Ranges: bytes
Content-Length: 103
Vary: Accept-Encoding
Set-Cookie: testcookie=helloworld
Content-Type: text/html; charset=UTF-8
[root@iris:Active] config cat /var/log/ltm
Nov 2 20:46:10 local/tmm info tmm[1609]: Rule myrule : CN=client.f5net.com,OU=ps,O=f5net,L=seattle,ST=wa,C=us
Nov 2 20:46:10 local/tmm info tmm[1609]: Rule myrule : cn=client.f5net.com,ou=ps,o=f5net,l=seattle,st=wa,c=us