Error in iRule when invoking HTTP::release
I was running V10.2.4 HF3 and have upgraded to V11.2.1 HF1. I now have this iRule that won't run. It gives the following error:
- Illegal argument. Can't execute in the current context. (line 1) invoked from within "HTTP::release"
The purpose of the rule is to force clients who access a particular uri to change client cert from required to request in support of an old legacy java application. Any ideas why the http::release is no longer working would be apreciated.
when CLIENT_ACCEPTED {
set LogDebug 1
set session_flag 0
if { $LogDebug == 1 } { log local0.warn "CLIENT_ACCEPTED: Session_flag at end CLIENT_ACCEPTED is $session_flag" } }
when CLIENTSSL_HANDSHAKE {
set LogDebug 1
if { $LogDebug == 1 } { log local0.warn "CLIENTSSL_HANDSHAKE: cert count=[SSL::cert count]" }
if { [SSL::cert count] > 0 } {
if { $LogDebug == 1 } { log local0.warn "CLIENTSSL_HANDSHAKE: when client handshake , two way cert found and the cert count is [SSL::cert count]" }
if { $LogDebug == 1 } { log local0.warn "CLIENTSSL_HANDSHAKE: Session flag is $session_flag" }
HTTP::release
} else {
if { $LogDebug == 1 } { log local0.warn "CLIENTSSL_HANDSHAKE: when client handshake,ssl cert count is 0,pass" }
}
}
when HTTP_REQUEST {
set LogDebug 1
if { [string tolower [HTTP::uri]] equals "/mis" || [string tolower [HTTP::uri]] equals "/missd" || [string tolower [HTTP::uri]] equals "/mat" } {
if { $LogDebug == 1 } { log local0.warn "HTTP_REQUEST: Requiring certificate...and the request uri is :[HTTP::uri]" }
if { [SSL::cert count] == 0 } {
if { $LogDebug == 1 } { log local0.warn "HTTP_REQUEST: when http request,ssl cert count is 0,now http collect" }
HTTP::collect
SSL::authenticate once
SSL::authenticate depth 9
SSL::cert mode require
log local0.info "HTTP_REQUEST: when http request,now renegotiating"
set session_flag 1
SSL::renegotiate
} else {
if { $LogDebug == 1 } { log local0.warn "HTTP_REQUEST: No cert needed,to server directly, and the uri is [HTTP::uri]" }
}
}
log local0.info "HTTP_REQUEST: Session_flag at end of http_request is $session_flag"
}