URI redirects with client cert in header

I cannot get this rule to work. I need to insert the client cert subject into the header and then redirect traffic based on client IP address and the URI they are attempting to go too. Each command in the HTTP_Request event works separate. Using only the header insert allows traffic, and using only the http_uri allows traffic. But when trying to insert the Header value and use the URI pool selection in conjunction the rule no longer works. Does anyone know why this is.

when CLIENTSSL_HANDSHAKE {

set cur [SSL::sessionid]

set ask [session lookup ssl $cur]

if { $ask eq "" } { session add ssl [SSL::sessionid] [SSL::cert 0]}

}

when HTTP_REQUEST {

set id [SSL::sessionid]

set the_cert [session lookup ssl $id]

if { $the_cert != "" } {

HTTP::header insert CertSubject [X509::subject $the_cert]}

if { [matchclass [IP::client_addr] equals $::DVW] and

[HTTP::uri] starts_with "/xxx" or

[HTTP::uri] starts_with "/xxx" or} {

use pool test

}

elseif { [matchclass [IP::client_addr] equals $::MVW] and

[HTTP::uri] starts_with "/xxx" or

[HTTP::uri] starts_with "/xxxt" or

[HTTP::uri] starts_with "/xxx" or

[HTTP::uri] starts_with "/xxx" } {

use pool test_a

}

Forum Discussion

URI redirects with client cert in header

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Related Content

(HTTP) Redirection via Arbitrary Host Header

F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP headers

Overview of Trusted Client IP Headers in F5 Distributed Cloud Platform

Akamai True-Client-IP Header Persistence

Inserting a http header on the response to the client

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS