What is [SSL:cert count] a count of?

Question

When I use the rule and clientssl profile below, the log show [SSL::cert count] as 2, and CLIENTSSL_CLIENTCERT is executed twice. Is this because my CA file in &nbsp;
&nbsp;    client cert ca "the-ca-bundle.crt"&nbsp;
&nbsp;contains two certificates, and the client verifies against them sequentially until one matches?&nbsp;
&nbsp;What would be really nice is some doco on some of these commands. In particular the session command. Can someone point me to a source for this? The wiki seems to have a place-holder for every topic I want to know about.&nbsp;
&nbsp;Thanks.
&nbsp;-&nbsp;
&nbsp;when CLIENTSSL_CLIENTCERT {
&nbsp;    log "ssl cert count = [SSL::cert count]"
&nbsp;}&nbsp;
&nbsp;profile clientssl the_clientssl_profile {
&nbsp;   ...
&nbsp;   client cert ca "the-ca-bundle.crt"
&nbsp;   ...
&nbsp;}&nbsp;&nbsp;
&nbsp;Mar 24 23:58:30 tmm tmm[27979]: 01220002:6: Rule DHS_FSF_https : ssl cert count = 2
&nbsp;Mar 24 23:58:34 tmm tmm[27979]: 01220002:6: Rule DHS_FSF_https : ssl cert count = 2&nbsp;&nbsp;

uni · Answer

Thanks Colin for your reply.&nbsp;
&nbsp;Regarding further documentation, I'm really curious as to what the "session" command does. I have seen it used in several examples, particularly when referencing client certificate information. From these examples though, I could not work out what "session" was doing, nor why it was being used.

Forum Discussion

What is [SSL:cert count] a count of?

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

ASM Export JSON - size Limit ?

SNI Sites not taking correct certificate.

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

F5 LTM listening on 3306

Related Content

The table Command: Counting

APM sesions count per partition

F5 ASM | count violation

get_statistics method failing when trying to get current connection counts

TMSH equivalent command for virtual count

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS