For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Matt_108491's avatar
Matt_108491
Icon for Nimbostratus rankNimbostratus
Dec 03, 2008

Some basic iRule questions

  I am a little new to irules so I could get some advice I would appriciate it.     I have traffic moving through an F5 LTM and it uses client side authentication.     There...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 03, 2008
What are you trying to accomplish with the changes to the iRule?

 

 

If the application (or LTM) sets an arbitrary HTTP header in a response, the client will not include that same header in a subsequent request. You could try setting a cookie with the subject DN as the cookie value. The client would automatically include the cookie in requests assuming they support cookies. But a malicious client could modify the cookie value. So you could encrypt the cookie value in responses and decrypt it on requests. Another option would be to store the cert information in the session table, using the session command (Click here). There are examples of this in the Codeshare:

 

 

Insert Cert In Server Headers

 

http://devcentral.f5.com/wiki/default.aspx/iRules/InsertCertInServerHeaders.html

 

 

Aaron