Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

Best way to pass http header by iRule containing Client TLS information

Moinul_Rony
Altostratus
Altostratus

Hi All, 

We are planning to identify TLS connection information from clients. ie: TLS version, CIPHER suits

How can we trap and pass through this client information via HTTP header so application team can analyse.

Thanks.

1 ACCEPTED SOLUTION

Hi Moinul_Rony,

when HTTP_REQUEST {
	HTTP::header insert X-Forwarded-TLSVersion [SSL::cipher version]
	HTTP::header insert X-Forwarded-CipherName [SSL::cipher name]
	HTTP::header insert X-Forwarded-CipherBits [SSL::cipher bits]
}

 

View solution in original post

3 REPLIES 3

Hi Moinul_Rony,

when HTTP_REQUEST {
	HTTP::header insert X-Forwarded-TLSVersion [SSL::cipher version]
	HTTP::header insert X-Forwarded-CipherName [SSL::cipher name]
	HTTP::header insert X-Forwarded-CipherBits [SSL::cipher bits]
}

 

Thansk @Enes_Afsin_Al , 

Do you happen to have the full list of [SSL::Options? 

SSL::cipher name
SSL::cipher version
SSL::cipher bits

These are the values that can be used for SSL::cipher.
https://clouddocs.f5.com/api/irules/SSL__cipher.html

You can view all SSL:: commands from the link.
https://clouddocs.f5.com/api/irules/SSL.html