Forum Discussion

Nimbostratus

May 29, 2018

Verifying CN received (client auth)

Hi guys, I'm trying to verify client auth certificate and using this iRule, but from the logs I can see it's always Accepted even though my trusted_certs only has 1 CN; i.e: my trusted_certs is...

application delivery

iRules

ciscoarc

Nimbostratus

May 29, 2018

Apologies, due to organization rule, I can't divulge the full CN.

The trusted_certs only contains 1 single line as above. So I created a self-signed cert and key using openssl and send it to the Virtual Server with command:

openssl -s_client -connect host:port -cert 1234.mycompany.com -key 1234.mycompany.com

This is what I see from F5 logs:

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Verifying CN received (client auth)

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Global Log Receiver

Verified Design: SSL Orchestrator with McAfee Web Gateway-Part 1

Verified Design: SSL Orchestrator with Cisco Firepower Virtual Edition-Part 1

Verifying Slack Requests with Mutual TLS

Verified Design: SSL Orchestrator with Palo Alto NGFW Virtual Edition-Part 2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS