Forum Discussion

Employee

21 years ago

Inserting client certificate information into HTTP headers

To accomplish this, from reading the manual, it looks like I want to be using this: SSL::modssl_sessionid_headers and then HTTP::header insert_modssl_fields ...

Employee

21 years ago

when CLIENTSSL_HANDSHAKE {

set my_cert_0 [SSL::cert 0]

set my_verify_result [SSL::verify_result]

}

when HTTP_REQUEST {

HTTP::header insert [X509::cert_fields $my_cert_0 $my_verify_result issuer]

}

Using this rule, it seems to work except this is the only http header I get inserted:

HTTP_SSLCLIENTCERTSTATUS:error number 1

Looking at mod_ssl verify results error codes, I can't seem to see what a 1 would mean. 0 seems to be a pass:

http://www.hmug.org/man/1/verify.html

I'm using BIG-IP too already verify the client certificate against a CRL And that is working fine.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Inserting client certificate information into HTTP headers

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

How to Verify config before loading to F5

Related Content

Automating Certificate Management on F5 BIG-IP

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

Automating ACMEv2 Certificate Management on BIG-IP

Insert Client Certificate In Serverside HTTP Headers

External Monitor Information and Templates

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS