Forum Discussion
Dennis_Kloosterman
Altostratus
AltostratusDoes X509::whole also insert the intermediate certificate(s)?
Hi, I need to write an irule that, amongst other things, forwards a client certificate in an http header. That is normally done using the X509::whole option, but the application also requires t...
jaikumar_f5
Noctilucent
NoctilucentActually the x509 whole gives you in pem format,
jaikumar_f5Noctilucent
NoctilucentActually, the below code should capture the Intermediate certs too.
when CLIENTSSL_CLIENTCERT {
if {[SSL::cert count] > 0}{
if { [SSL::verify_result] == 0 }{
for {set i 0} {$i < [SSL::cert count]} {incr i}{
log local0. "CERT NUMBER= $i - SUBJECT= [X509::subject [SSL::cert $i]] - Issuer= [X509::issuer [SSL::cert $i]] - SERIAL= [X509::serial_number [SSL::cert $i]]"
}
} else {
log local0. "Cert Info: [X509::verify_cert_error_string [SSL::verify_result]]"
}
} else {
log local0. "No client certificate provided"
}
}If you think this helps your requirement, please mark the thread as solved.
