cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to discard client certificate session information after iRule processing?

rob_carr
MVP
MVP

 

We are implementing a service that has a MASSL requirement, and we have an iRule that looks at the DN and CN values of the client cert. In testing we have seen SSL consuming a large enough proportion of memory that the connection reaping is activated. If we weren't using an iRule we could disable the 'retain certificate' feature as described here: K19802202: Disabling the Retain Certificate option in an SSL profile to reduce memory pressure.

 

Is there a way to retain the certificate in session variables, complete iRule processing and then clear or discard the session variables?

0 REPLIES 0