Forum Discussion
Hi Martin Vlasko,
Any update regarding this issue ? I have the same result using Machine Cert Auth, the evaluation of the APM profile is failed and point directly to 'fallback' I get this line on repport:
<< machinecert_auth_ag.result' set to '-2'>>
Do you have the list of machinecert_auth_ag.result value and there meanings ? Regards,
Hi,
It probably depends on what exactly you have in the SAN field of your client certificate.
The F5 help suggests using following regex:
.*DNS Name=([^,]+).*
With the regex you are trying to match and return the SAN value which APM then checks against machine's FQDN. Anything that is found within the round brackets will be returned and compared with FQDN. So in your case I would try something like:
.*DNS Name=(.*\.f5trn\.local).*
or
.*DNS Name=([^,]+\.f5trn\.local).*
It depends on how many values you have in the SAN field, if there are commas, or if it's just a single value.
Perhaps try to dump the certificate into APM log file to see the raw data which should help you figure out the correct regex syntax for your case.