Insert SSL certificate name into HTTP header

Question

I have a customer that wants the SSL certificate name instead of the ClientIP address re-inserted into the HTTP header.  I need some help???

joe_pruitt · Answer

Check out this example in CodeShare&nbsp;&nbsp;http://devcentral.f5.com/wiki/default.aspx/iRules/InsertCertInServerHeaders.html&nbsp;Click here&nbsp;

mathew_58739 · Answer

Ok.  Thank you for the example.  My rule is relatively simple then....  all I should need is:
&nbsp;when HTTP_REQUEST {
&nbsp;  HTTP::header insert SSLClientCert
&nbsp;   } else {
&nbsp;  reject
&nbsp;}&nbsp;
&nbsp;Do you know what value I need for the SSLClientCert ?  I want to be able to insert the client certificate name.  For example, myserver.domain.com.

mathew_58739 · Answer

I have an updated rule to consider......
&nbsp;when CLIENTSSL_CLIENTCERT {
&nbsp;set sslcert_cn [SSL::cert 0]
&nbsp;}
&nbsp;when HTTP_REQUEST {     
&nbsp;HTTP::header insert ClientSSL $sslcert_cn
&nbsp;}
&nbsp;I don't know what value use in the [SSL::cert 0] location to ensure that I am capturing the Common Name.  Can you help?

hoolio · Answer

Take a look at the X509:: commands on the wiki (Click here).&nbsp;
&nbsp;I think '[X509::subject [SSL::cert 0]]' should work, but I haven't tested it with a client cert.&nbsp;
&nbsp;Aaron

Forum Discussion

Insert SSL certificate name into HTTP header

4 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Strict header Insertion

Security Headers Insertion

Insert Client Certificate In Serverside HTTP Headers

C3D and header insert

Automating Certificate Management on F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS