Forum Discussion
How to read "Subject Key Identifier" value form a digital certificate
Hi,
I am looking for a way to:
1) read "Subject Key Identifier" value form a digital certificate with an iRule (something like X509::subject [SSL::cert 0])
2) insert this value into a HTTP header inside the same iRule.
While there are many examples available about inserting HTTP headers, I did not find a way how to read "Subject Key Identifier" from a certificate.
Help appreciated!
Best regards, Srecko
- SMilanicCirrus
With some help from F5, we were to solve this using APM and the following command in an iRule: "set SKI_Hex [findstr [ACCESS::session data get session.ssl.cert.x509extension] "Subject Key Identifier" 33 "X509v3"]"
This reads the contents of the SKI extension field from a certificate into "SKI_Hex". You can then insert it into a HTTP header as described in other posts.
- mimlo_61970Cumulonimbus
Is this helpful?
https://devcentral.f5.com/questions/insert-common-name-value-to-http-header
- Chris_GrantEmployeeThe irule in this link should help you accomplish what you need to accomplish.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com