Emad
Dec 13, 2016Cirrostratus
Debug SSL communication
I am trying to debug a mutual authentication issue. Is there any way i can get complete SSL client certificate used during ssl communication. I tried to use following irule but it does not work in case of wrong client certificate.
Iule:
ltm rule log_mutual_auth {
when CLIENTSSL_CLIENTCERT {
log local0. "Issuer Info: [X509::issuer [SSL::cert 0]] , Certificate Info: [X509::subject [SSL::cert 0]]"
}
}
Error in LTM logs:
Dec ltm01 err tmm[16373]: 01220001:3: TCL error: /Common/log_mutual_auth - Error using (line 3) invoked from within "X509::issuer [SSL::cert 0]"