Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate

Problem this snippet solves: The following is based on the documentation from Slack of how to authenticate requests from Slack via mutual TLS and pass along the information to a service that is not ...
Published Jul 10, 2019
Version 1.0
cloud
iRules
slack
Eric_Chen's avatar
Eric_Chen
Icon for Employee rankEmployee
Aug 28, 2019

For the CN it would be the following.

when HTTP_REQUEST {
  if {[SSL::cert 0] ne ""}{
    set tmpcn [X509::subject [SSL::cert 0]]
    set cn [findstr $tmpcn "CN=" 3]
    HTTP::header replace X-Client-Certificate-SAN $cn
    
  } else {
    HTTP::header remove X-Client-Certificate-SAN
  }
}