For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Tarmo_Oja_95406's avatar
Tarmo_Oja_95406
Icon for Nimbostratus rankNimbostratus
Mar 29, 2005

session {add|delete} ssl question

I found this code from Code Share.     rule c_cert_session { when RULE_INIT { set ::key [AES::key 128] log local0. "the key is: $::key" } when CLIENTSSL_CLIENTCERT { ...
application delivery
dev
devops
iRules
unRuleY_95363's avatar
unRuleY_95363
Historic F5 Account
Mar 29, 2005
Answer:

 

a) The rule was constructed to search the session table first and only if an entry wasn't found, look for the cookie. Because of this, the session entry needs to be deleted when switching to the cookie. This could easily be reworked to check for the cookie first, though you might risk getting an outdated cookie.

 

 

b)

 

session add ssl []

 

session lookup ssl

 

session delete ssl

 

 

c) I have no idea. Maybe someone who is more familiar with how a client browser works with the smart cards can shed some light on this question.