Forum Discussion
Colin_Walker_12
Jan 12, 2007Historic F5 Account
When you say that the $sn variable doesn't have a value, are you saying that because the "Serial" header being inserted is blank? Is the Serial header even being inserted?
I'd add a few logging statements to the rule to be sure things are functioning, or in this case malfunctioning, the way you think they are, and to give us a bit more insight if things are still failing as to what the problem might be.
Something like:
when CLIENTSSL_CLIENTCERT {
set cert [SSL::cert 0]
set sn [X509::serial_number $cert]
log local0. "cert is $cert"
log local0. "sn is $sn"
}
when HTTP_REQUEST {
if { [info exists $sn] } {
HTTP::header insert Serial $sn
log local0. "sn is $sn"
}
}
HTH,
Colin