Forum Discussion
ekaleido
Cirrus
CirrusWhat is this iRule doing?
I am apparently losing my mind. So without giving my understanding for the following iRule, can someone wiser than I explain what this iRule is doing?
when CLIENTSSL_HANDSHAKE {
if {[SSL::cert cou...
Kevin_Stewart
Employee
EmployeeDuring the CLIENTSSL_HANDSHAKE event, the client is presenting a certificate to me? And that is where I am getting $cert_hash which I ultimately compare to $Expected_hash?
Yes. This iRule assumes that you're doing "mutual" SSL, which is defined in the Client Authentication section of the clientssl profile (request or require).
The data group contains CN and hash values for "known" client certificates, which would have been entered through some previous registration process.
