Forum Discussion

Nuno__Paulino_6's avatar
Nuno__Paulino_6
Icon for Nimbostratus rankNimbostratus
Feb 13, 2006

Certificate External Validation

Hi!

 

 

I never used iControl and i have a doubt if i should use iControl to solve my problem.

 

 

The objective is to validate a certificate against an external database (not a regular crl).

 

 

Can i create a script with iControl API and then call it from an iRule and wait for an answer to decide what node to use?

 

 

Thanks in advance

 

 

 

1 Reply

  • iControl is our remote management API that you can get or set configuration components of our devices with. It also allows for querying of statistical data.

     

     

    From within iRules you can extract the components of the certificate, but we do not allow any communication with outside processes for performance and stability reasons. Imagine an iRule that's processing 1000+ connections per second trying to make an outbound socket call to a process on another device...

     

     

    One option that I can think of is if you build an application that will pull the data from your database and insert it into a Data Group (or just insert it manually via the GUI). You could then extract the relevant info from the certificate and do a lookup on the data group with either the matchclass or findclass methods.

     

     

    -Joe