I agree with Michael on this. One issue with that iRule is that SSL::sessionid will return a null string instead of 64 zeroes if the client's session ID doesn't exist in TMM's cache.
That said, you should also add a check to see that the cert count is > 0 before adding anything to the session table. And you should check in HTTP_REQUEST to see that the session ID is not null before attempting a session lookup.
You could modify this Codeshare example to fit your scenario:
http://devcentral.f5.com/wiki/iRules.InsertCertInServerHeaders.ashx
AAaron