Forum Discussion
ekanathdas_2662
May 07, 2012Nimbostratus
Should the below work?
when CLIENTSSL_CLIENTCERT {
set cert [SSL::cert 0]
set subject [X509::subject $cert]
set clientIP [IP::client_addr]
if { $subject contains "CN=ABCD.com" } {
pool abcd } {
log local0. "cert CN valid" }
else {
log $clientIP
log local0. "cert CN not valid"
reject
}
}