Mike_Maher
Aug 16, 2012
Nimbostratus
Issue with iRule going from v10.2 to v11.2
I have the following iRule installed in production to pass certificate authentication from a client to the server on the back end. It is working just fine today on the v10.2 ASMs; however, in my test environment I am having issues on my v11.2 device. If I fail traffic over to a v10.2 device, it works just fine.
If anyone has any insight as to what might be wrong with this iRule going into v11.2, I would appreciate any help I can get.
when CLIENT_ACCEPTED {
    # Per-connection state flags
    set first_time 0
    set released 0
}

when HTTP_REQUEST {
    if { [HTTP::uri] starts_with "/Trust" } {
        if { [SSL::cert count] <= 0 } {
            # No client certificate on this session yet: hold the request
            # and renegotiate, requesting a certificate from the client
            HTTP::collect
            SSL::session invalidate
            SSL::authenticate always
            SSL::authenticate depth 9
            SSL::cert mode request
            SSL::renegotiate
        } else {
            set c_cert [SSL::cert 0]
        }
    }
}

when CLIENTSSL_CLIENTCERT {
    if { [SSL::cert count] < 1 } {
        reject
    } else {
        # Certificate received: save it and release the held request
        set c_cert [SSL::cert 0]
        HTTP::release
        set released 1
    }
}

when CLIENTSSL_HANDSHAKE {
    if { [SSL::cert count] < 1 } {
        # Allow the first handshake without a certificate; reject any later one
        if { $first_time == 0 } {
            set released 0
            set first_time 1
        } else {
            set released 0
            reject
        }
    } else {
        if { $released != 1 } {
            set c_cert [SSL::cert 0]
            HTTP::release
            set released 0
        }
    }
}

when HTTP_REQUEST_SEND {
    clientside {
        # Pass the client certificate to the back-end server as a base64-encoded header
        if { [info exists c_cert] } {
            HTTP::header insert X-Client-Cert [b64encode $c_cert]
        }
    }
}