Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

iRule header insert

Go to solution
sgnormo
Cirrus
Cirrus

‎08-Nov-2022 00:48

I am using an iRule to perform a header insert of the user common name.  Now the request is that if a user clicks cancel when prompted for a certificate that the user still get to the web server splash page.  I am a weak iRule writer, so I am kindly asking for help in modifying the iRule so that if user clicks cancels the iRule does not cause connection error for the user's that click cancel at the certificate prompt.

 

when CLIENTSSL_CLIENTCERT {
if {[SSL::cert 0] ne ""} {
#log local0. "Client cert subject: [X509::subject [SSL::cert 0]]"
set client_subject [X509::subject [SSL::cert 0]]
# set client_cn [findstr $client_subject "CN=" 3 ","]
}
}
when HTTP_REQUEST_SEND {
# log local0. "In request send section $client_subject"
clientside {
HTTP::header insert X-Client-Cert [X509::subject [SSL::cert 0]]
}
}

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
sgnormo
Cirrus
Cirrus

‎08-Nov-2022 06:17

that pointer gave me what i needed  thank you.

when CLIENTSSL_CLIENTCERT {
if {[SSL::cert 0] ne ""} {
#log local0. "Client cert subject: [X509::subject [SSL::cert 0]]"
set client_subject [X509::subject [SSL::cert 0]]

}
}
when HTTP_REQUEST {
if {[info exists client_subject]} {
HTTP::header insert X-Client-Cert [X509::subject [SSL::cert 0]]
}
}

View solution in original post

2 REPLIES 2

Go to solution
Mohamed_Ahmed_Kansoh
MVP
MVP

‎08-Nov-2022 04:52

Hi @sgnormo , 
  Please check this , it may help : 
https://community.f5.com/t5/technical-forum/insert-common-name-value-to-http-header/td-p/111177

Regards 

_______________________
Regards
Mohamed Kansoh

Go to solution
sgnormo
Cirrus
Cirrus

‎08-Nov-2022 06:17

that pointer gave me what i needed  thank you.

when CLIENTSSL_CLIENTCERT {
if {[SSL::cert 0] ne ""} {
#log local0. "Client cert subject: [X509::subject [SSL::cert 0]]"
set client_subject [X509::subject [SSL::cert 0]]

}
}
when HTTP_REQUEST {
if {[info exists client_subject]} {
HTTP::header insert X-Client-Cert [X509::subject [SSL::cert 0]]
}
}

Copyright © 2023 Khoros, LLC