Forum Discussion
Nick_Matthews
Feb 20, 2014Altostratus
So I have got it roughly working if I use a browser, but the app still doesnt work, it reports the below error:
TCL error: /Common/TMCertCheck - while executing "X509::subject $cert"
The rule I am using is:
get certificate data
when CLIENTSSL_CLIENTCERT priority 1 {
set cert [SSL::cert 0]
set subject [X509::subject $cert]
set issuer [X509::issuer $cert]
set version [X509::version $cert]
set clientIP [IP::client_addr]
check Certificate common name to see if it contains the FQDN for Virtual server
if { $subject contains "CN=MyEmailAddress" } {
uncomment the line below to validate that the iRule is accepting a valid certificate
log local0. "cert CN valid"
} else {
if the certificate is not valid log client IP and reject connection
log $clientIP
log local0. "cert CN not valid"
reject
}
}