Load balancing based on UDP SSL certificate issuer
In our environment we have multiple WLCs which are trying to connect to RADIUS (UDP 1812) for authentication along with a certificate.
Some WLCs (during authentication) are sending old certificates and some are sending new ones.
Our intention is that, based on the certificate issuer (on UDP traffic), the F5 LTM needs to redirect to a different pool.
Kindly let me know whether we can achieve this with a UDP profile and the iRule below, or whether there is any other way to fulfil our requirement.
Appreciate your help on this.
when CLIENTSSL_HANDSHAKE {
    set server_cert [SSL::cert 1] ;# Retrieve the server certificate (index 1)
    # Read the subject of the certificate retrieved above
    set cn [X509::subject $server_cert]
    if { [string match "*CS PRD*" $cn] } {
        # Route to Pool A for servers with Type A certificates
        pool RADIUSOLD_POOL
    } else {
        # Default route for other cases
        pool RADIUSNEW_POOL
    }
}