Forum Discussion

Nimbostratus

Sep 27, 2018

Server Certificate CN Verification with iRule

Hi, I wonder whether there is a way to verify server certificate CN with iRule. I know it is possible for client authentication, but can it be done for server side as well? Thank you for any sug...

iRules

security

youssef1

Cumulonimbus

Sep 27, 2018

Hi,

As you know when you do client auth on client side, it's client that provide certificate during handshake ssl.

but in server side it will be F5 so you confirm that you want to retrieve CN in cert provide by f5? to the backend. it make sens?

just for info if you want to retrieve cn (subject) from client cert:

when HTTP_REQUEST {
  if {[SSL::cert count] > 0}{
    set cert [SSL::cert 0]
    set subject [string tolower [X509::subject $cert]]
  }
}

regards

Forum Discussion

Server Certificate CN Verification with iRule

Recent Discussions

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

Ansible modules for F5OS

Related Content

Configure NGINX microgateway for MTLS termination and client certificate hash verification

Trouble applying GoDaddy certificate to a virtual server

Re: Management Certificate

My Security+ Certification Journey

Certifications for security professionals