Forum Discussion
jaikumar_f5
Dec 11, 2019MVP
Actually the x509 whole gives you in pem format,
- jaikumar_f5Dec 11, 2019MVP
Actually, the below code should capture the Intermediate certs too.
when CLIENTSSL_CLIENTCERT { if {[SSL::cert count] > 0}{ if { [SSL::verify_result] == 0 }{ for {set i 0} {$i < [SSL::cert count]} {incr i}{ log local0. "CERT NUMBER= $i - SUBJECT= [X509::subject [SSL::cert $i]] - Issuer= [X509::issuer [SSL::cert $i]] - SERIAL= [X509::serial_number [SSL::cert $i]]" } } else { log local0. "Cert Info: [X509::verify_cert_error_string [SSL::verify_result]]" } } else { log local0. "No client certificate provided" } }
If you think this helps your requirement, please mark the thread as solved.