Forum Discussion
John_Antony_162
Nimbostratus
NimbostratusiRule to check Certificate subject and add http few header values
Hi experts,
Our requirements : [We have LTM & APM on the same unit]
a) Application needs to be exposed based on cert authentication to vendors.
b) Cert subject value should be validated to matc...
HTTP commands and probably also SSL commands are not available in ACCESS_POLICY_COMPLETED event.
You may want to stuff values you need in the session table while still in the HTTP_REQUEST event, then you can access them in ACCESS_POLICY_COMPLETED using the [ACCESS::data get ] command.
when HTTP_REQUEST {
if {[SSL::cert count] > 0}{
set cert [SSL::cert 0]
set subject [string tolower [X509::subject $cert]]
ACCESS::session data set session.x509.cert_subject $subject
}
}
when ACCESS_POLICY_COMPLETED {
set cert_subject [ ACCESS::session data get session.x509.cert_subject]
}
I have not checked lately but this data may already be in the APM session table.
HTH
