Hi Mohamed, Thank you so much for your help. We are authneticating via mutual TLS and SN# of cert needs to extracted and pass it along in the HTTP header as X-Common-Name.

Thanks,Thiyagu.

ohh , 
so you need to extract this tls extension and insert it as a header to server side ? 

you need to insert SNI as header " X-common-name " 

Let me check for proper irule , I did before somthing like that , but it was another tls extension 

Hi @Thiyagu , 

you can use something like this : 

when CLIENTSSL_HANDSHAKE {
    if { [SSL::extensions exists -type 0 ] } then {
        set tls_sni_extension [SSL::extensions -type 0 ]
    } else {
        set tls_sni_extension ""
    }
}
when HTTP_REQUEST {
    if { $tls_sni_extension ne "" } then {
        log local0. " The X-common-name <---> $tls_sni_extension"
        HTTP::header insert X-common-name "$tls_sni_extension"
    }
}

I am not sure for type 0 as it depends  , so could you please capture single request to see the sni extension ? 

Sorry Guys for the confusion. We need to extract the below value in the client certificate (from Subject CN)

Common Name: xxxxxx
And it needs to insert in the HTTP header to the server as "X-Common-Name"

Could you please help with an iRule to meet this requirement?

Hi @Thiyagu , 

you can use somthing like that : https://community.f5.com/t5/technical-forum/capturing-the-cn-from-a-x509-subject/td-p/226380