sys_auth_ssl_cc_ldap

Question

In this part of the iRule _sys_auth_ssl_cc_ldap: 
&nbsp;  
&nbsp;     when CLIENTSSL_CLIENTCERT { 
&nbsp;         set tmm_auth_ssl_cc_ldap_done 0 
&nbsp;         if {$tmm_auth_ssl_cc_ldap_sid == 0} { 
&nbsp;             set tmm_auth_ssl_cc_ldap_sid [AUTH::start pam default_ssl_cc_ldap] 
&nbsp;             if {[info exists tmm_auth_subscription]} { 
&nbsp;                 AUTH::subscribe $tmm_auth_ssl_cc_ldap_sid 
&nbsp;             } 
&nbsp;         } 
&nbsp;         AUTH::cert_credential $tmm_auth_ssl_cc_ldap_sid [SSL::cert 0] 
&nbsp;         AUTH::authenticate $tmm_auth_ssl_cc_ldap_sid 
&nbsp;         SSL::handshake hold 
&nbsp;     } 
&nbsp;  
&nbsp; which is the function of the command "AUTH::cert_credential", getting user cert subject (Distinguished name in most of the cases)? 
&nbsp;  
&nbsp; Thanks 
&nbsp;

colin_walker_12 · Answer

I'm not sure I follow your question. Are you asking what that command does? 
&nbsp;  
&nbsp; Colin

yeser · Answer

Yes, the explanation "Sets the peer certificate credential to the value of a peer certificate" does not convince me at all.  
&nbsp;  
&nbsp; Peer certificate credential = subject?

Forum Discussion

sys_auth_ssl_cc_ldap

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

SSL client certificate LDAP authenticate before authorizing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS