Log https request with used tls client certificate

Question

Hello, &nbsp;
we are using a F5 LTM as SSL-Offloader with authentication using tls client certificates. &nbsp;
Now I want to log every https request to a defined virtual server with source ip address AND the cn / name of the client certificate. &nbsp;
I found under https://devcentral.f5.com/questions/logging-the-request-coming-to-a-virtual-server?rc=1 a solution to log the request and ip address, but without the used client certificate. &nbsp;
Can anyone help me? &nbsp;
Kind regards&nbsp;
Bjoern&nbsp;

boggs_5738 · Answer

you can look at ltm policies and when creating a rule, a logging option is available to use tcl commands. similar on how you do it on irules. &nbsp;
anyway. these devcentral articles might be useful for your purpose - credit to the original authors.&nbsp;
https://devcentral.f5.com/wiki/iRules.ClientCertificateCNChecking.ashx
https://devcentral.f5.com/questions/create-custom-client-certificate-authentication-with-irule&nbsp;

Forum Discussion

Log https request with used tls client certificate

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

Using Client Subnet in DNS Requests

Request Client Certificate And Pass To Application

Thumbprint of the client ssl certificate

BIG-IQ Client Certificate (PKI) Authentication

Help F5 Transform the BIG-IP Administrator Certification

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS