pkc_72500
Feb 07, 2019

F5 APM machine cert auth - subject alt name check without hostname

Hello,

I'd like to validate a machine certificate for authentication, to make sure the device trying to reach my VS contains a specific subject alternate name.

As far as I checked, it looks like the machine certificate verification compares the hostname with the beginning of my subj alt name.

For example, if my hostname is "testhost" and my subj alt name is "hostid.domaintocheck.net", the validation fails as "testhost" doesn't match "hostid".

Is there a way to check only the "domaintocheck.net" part?

Thanks.

  • JG

    You can get a wildcard SSL certificate for the domain "*.domaintocheck.net" for this.