Forum Discussion
iRule for X509 Subject
This is the full iRule
# This will insert multiple headers into the packet to the backend servers.
when CLIENTSSL_CLIENTCERT {
    # See if no certificate was presented after the SSL profile request
    if {[SSL::cert 0] eq ""}{
        # Log a failure to receive a certificate
        log local0. "([IP::client_addr]:[TCP::client_port]-[IP::local_addr]:[TCP::local_port]) failed to provide a certificate, connection rejected"
        # Reset the connection because of no certificate
        reject
    }
    # Log receipt of a client certificate
    # May Be Remarked In Production
    #log local0. "A Cert was submitted from IP Address: [IP::client_addr]"
}
when HTTP_REQUEST {
    # Set a local variable with certificate
    set cert [SSL::cert 0]
    set Cert_CN [X509::subject [SSL::cert 0] commonName]
    log local0. "This is from User_CN $Cert_CN"
    #HTTP::header insert "X-SSL-Client-CN" "$Cert_CN"
    #HTTP::header insert X-SSL-Client-S-DN [X509::subject $cert]
    #HTTP::header insert X-SSL-Client-NotBefore [X509::not_valid_before $cert]
    #HTTP::header insert X-SSL-Client-NotAfter [X509::not_valid_after $cert]
    #HTTP::header insert X-SSL-Issuer [X509::issuer $cert]
    #HTTP::header insert X-SSL-CERT [X509::whole $cert]
    #HTTP::header insert X-SSL-SERIAL [X509::serial_number $cert]
    #HTTP::header insert X-SSL-VERSION [X509::version $cert]
    #HTTP::header insert X-SSL-EXTENSIONS [X509::extensions $cert]
}
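An added example, not part of the original post: one way to pull the CN out of the subject and pass certificate details to the backend without letting a client supply the same headers itself. It assumes `X509::subject` is given only the certificate and returns the whole subject string, rendered either as `CN=..., OU=...` or `/CN=.../OU=...`; the header names are the ones from the post, and the log wording is made up for the example.

```tcl
when HTTP_REQUEST {
    # Remove any copies of these headers that arrived from the client, so the
    # backend only ever sees values written here by the BIG-IP.
    foreach hdr {X-SSL-Client-CN X-SSL-Client-S-DN X-SSL-Issuer X-SSL-SERIAL} {
        HTTP::header remove $hdr
    }

    # No client certificate on this connection: forward no identity headers.
    if { [SSL::cert count] == 0 } {
        return
    }

    set cert    [SSL::cert 0]
    set subject [X509::subject $cert]

    # Assumption: RDNs are separated by "," or "/" and the CN value contains
    # neither character. A CN with an escaped comma will be cut short.
    set cn ""
    regexp -nocase {(?:^|[,/])\s*CN=([^,/]+)} $subject -> cn
    set cn [string trim $cn]

    if { $cn eq "" } {
        # Certificate has no parsable CN: log it and send no identity headers.
        log local0.warning "([IP::client_addr]:[TCP::client_port]) client cert subject has no CN: $subject"
        return
    }

    HTTP::header insert X-SSL-Client-CN   $cn
    HTTP::header insert X-SSL-Client-S-DN $subject
    HTTP::header insert X-SSL-Issuer      [X509::issuer $cert]
    HTTP::header insert X-SSL-SERIAL      [X509::serial_number $cert]
}
```

The backend should accept these headers only on connections that come from the BIG-IP, since the removal step protects nothing if clients can reach the pool members directly.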