Is SSL::cert populated when using APM "On-Demand Cert Auth"?
Hi! I have configured client cert authentication using APM and its On-Demand Cert Auth action. I would like to retrieve the client certificate in an iRule event (HTTP_REQUEST) using SSL::cert command. In the end, I am going to hash the certificate to produce the thumbprint. As I need to the binary form of the certificate, I will not use APM session variable for this. if { [SSL::cert count] > 0 } { binary scan [sha1 [SSL::cert 0]] H* cert_thumbprint } Unfortunately, SSL::cert count remains 0 as if SSL::cert was not populated after the On-Demand action!? This issue does not happen when client cert authentication is performed right from a client ssl profile without APM. Do I have to look to another event in the iRule to get an SSL::cert object populated? Something else? Regards, John.