F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Kiran_Kumar's avatar
Kiran_Kumar
Icon for Nimbostratus rankNimbostratus
Aug 22, 2013

iRule to pass client ssl cert to the Application server(pool member)

Hi Friends,   Could you please assist me with an iRule to pass the client sslcert to the application server backend. I can think of an iRule passing info from certain fields in the ssl cert throug...
application delivery
design
devops
iRules
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Aug 22, 2013

I would just add that the PEM format returned with [X509::whole [SSL::cert 0]] will have line breaks it. Example:

===== BEGIN CERTIFICATE =====
Hdurhdudjdushshsjejdushdudjs
Hsueyejsusuatagsidushsusjsjdu
...
===== END CERTIFICATE =====

that would probably cause problems as a single HTTP header. I'd recommend either re-base64-encoding that value, or simply base64-encode the raw binary certificate and shove that into the header.

HTTP::header insert "SSL_CLIENT_CERT" [URI::encode [b64encode [SSL::cert 0]]]