Forum Discussion
How to read "Trusted Certificates Authorities" on an iRule?
Does this help?
It will do client cert auth by uri.
https://community.f5.com/t5/technical-articles/doing-mtls-authentication-per-url/ta-p/302979
Hi, RobE!
Thanks for replying!
I tried that iRule you posted. In fact everything that IS NOT "/auth" will have the client's certificate validated. If it is /auth it does not validate the client's certificate and increments /abc/xyz before /auth.
Tests reading a ca-bundle with valid certificates went OK. But when I read a ca-bundle with invalid certificates I get the "Connection Reset" error.
Just to make it clear, I put the /auth conditional to VALIDATE the client certificate just for TEST, to be as identical as possible to your iRule:
when HTTP_REQUEST {
    if { [HTTP::path] eq "/auth" } {
        if { [SSL::cert count] > 0 } {
            if { [SSL::verify_result] == 0 } {
                # Good mTLS result, exit from this check
                return
            } else {
                set error_string [X509::verify_cert_error_string [SSL::verify_result]]
            }
        } else {
            set error_string "No client certificate provided"
        }
        # If we are still executing this iRule, the client did not present a cert or did not present a valid cert
        HTTP::respond 403 content "<html>Invalid client certificate: $error_string</html>"
    }
}
According to the above iRule, is it expected to receive "Connection Reset" when the request is made to /auth after choosing the certificate in the popup window?
(remembering that, for testing purposes, I am using an INVALID certificate)
- Robert_Haynes, Mar 07, 2023, Ret. Employee
Hi,
Are you setting the Client Authentication to "Request" on the clientSSL profile? I would have thought that unless the iRule was crashing (you can check the logs for that) you shouldn't get a connection reset.
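The iRule below is an added example, not code from either participant or from the linked article. It assumes the clientSSL profile's Client Authentication is set to "request" (so an untrusted or missing client certificate does not abort the TLS handshake, which is what a "require" setting does and is the usual source of a bare connection reset) and that the CA bundle is loaded as the profile's Trusted Certificate Authorities. It logs the verification outcome at handshake time so a failed chain check is visible in the LTM log, and then enforces mTLS only on the paths listed in the switch (those paths are an assumption for the example).

```tcl
# Added example (not from the thread). Assumes clientSSL profile:
#   Client Authentication = request, Trusted Certificate Authorities = <your CA bundle>
# With "require", BIG-IP aborts the handshake on a failed verification before
# HTTP_REQUEST ever runs, so the iRule never gets to send a 403.

when CLIENTSSL_CLIENTCERT {
    # Runs when the client presents a certificate during the handshake.
    # Record subject, issuer and the verify result so a failure can be
    # diagnosed from the log rather than from a reset on the client side.
    set vr [SSL::verify_result]
    if { [SSL::cert count] > 0 } {
        log local0. "client [IP::client_addr] cert subject=[X509::subject [SSL::cert 0]] issuer=[X509::issuer [SSL::cert 0]] verify_result=$vr ([X509::verify_cert_error_string $vr])"
    } else {
        log local0. "client [IP::client_addr] presented no client certificate"
    }
}

when HTTP_REQUEST {
    # Only these paths require a client certificate that chains to a CA in
    # the profile's Trusted Certificate Authorities bundle (path list assumed).
    switch -glob [string tolower [HTTP::path]] {
        "/auth*" -
        "/api/secure/*" {
            if { [SSL::cert count] == 0 } {
                HTTP::respond 403 content "No client certificate provided" "Content-Type" "text/plain"
                return
            }
            set vr [SSL::verify_result]
            if { $vr != 0 } {
                # Non-zero means the chain did not validate against the bundle
                # (expired, unknown issuer, wrong purpose, etc.)
                HTTP::respond 403 content "Invalid client certificate: [X509::verify_cert_error_string $vr]" "Content-Type" "text/plain"
                return
            }
            # Verified: fall through to the default pool
        }
        default {
            # All other paths are served without requiring mTLS
        }
    }
}
```

When testing with a certificate that is deliberately not in the bundle, the expected behaviour under "request" is a logged non-zero verify_result followed by the 403 on the protected path, while unprotected paths still load; if the connection is still reset, the profile is most likely in "require" mode or the iRule is raising a runtime error, both of which show up in the LTM log.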