Forum Discussion

david78
Jun 16, 2015

Get SSL Handshake Alert Fatal 44 with certificate revoked

Hello, if APM refuses a certificate because it has been revoked, the SSL handshake is still accepted and the return code is an HTTP 200 OK to display the notification page. This is very user friendly, but in the case of machine-to-machine exchanges this causes problems, because the client is waiting for the SSL error Alert Fatal code 44 (RFC 5246 chap. 7.2). I need to know how to get this code back by performing an OCSP check. Either via iRule or via APM, or both ...


thanks,


4 Replies

  • You should have a variable (shown in the /var/log/apm logs) with that value. You could check in the VPE (after the On-Demand Cert Auth check) and create a branch selection with that "44" value. Then proceed with your action.


  • Hi amolati, thank you for your answer, but I do not understand where you're going with the VPE and the "On-Demand Cert Auth" box. Can you be more explicit? Thank you.


  • Could you explain better what you mean by "how to get this code back by performing a control OCSP"?


    What do you want to happen on the APM side: should it show the code on a web page, or do you want it sent to the client at the SSL level?


  • Hi, when a certificate is revoked, RFC 5246 says that the error code must be "certificate_revoked(44)".


    I had this iRule from my local contact (put after auth by APM) and it works fine:


        # $ssl_version was not set in the original post; it is assumed here to hold
        # the negotiated protocol name as returned by [SSL::cipher version] (e.g. "TLSv1.2").
        set ssl_version [SSL::cipher version]

        switch $ssl_version {
            "TLSv1.2" { set hex_version "0303" }
            "TLSv1.1" { set hex_version "0302" }
            "TLSv1.0" { set hex_version "0301" }
            default { reject; return }
        }

        # TLS alert record: content type 0x15 (alert), protocol version, length 0x0002,
        # alert level 0x02 (fatal), alert description 0x2C (44 = certificate_revoked, RFC 5246 §7.2)
        set hex_response "15${hex_version}0002022C"
        set bin_response [binary format H* $hex_response]
        TCP::respond "$bin_response"
        TCP::close
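To check what the iRule above actually puts on the wire, here is an added example (not part of the thread or of F5's code) that builds and decodes an unencrypted TLS alert record laid out per RFC 5246 §6.2.1 and §7.2; the version and description tables cover only the values relevant here.

```python
import struct

ALERT_CONTENT_TYPE = 0x15  # TLS record content type "alert" (RFC 5246 §6.2.1)
ALERT_LEVEL = {1: "warning", 2: "fatal"}
# Subset of AlertDescription values from RFC 5246 §7.2
ALERT_DESCRIPTION = {
    0: "close_notify", 40: "handshake_failure", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca",
}
TLS_VERSION = {"TLSv1.0": 0x0301, "TLSv1.1": 0x0302, "TLSv1.2": 0x0303}
VERSION_NAME = {v: k for k, v in TLS_VERSION.items()}


def build_alert(version: str, level: int, description: int) -> bytes:
    """Return the raw bytes of an unencrypted TLS alert record."""
    body = struct.pack("!BB", level, description)
    header = struct.pack("!BHH", ALERT_CONTENT_TYPE, TLS_VERSION[version], len(body))
    return header + body


def parse_alert(record: bytes) -> dict:
    """Decode an alert record; raise ValueError if it is not a well-formed alert."""
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    ctype, version, length = struct.unpack("!BHH", record[:5])
    if ctype != ALERT_CONTENT_TYPE:
        raise ValueError(f"content type 0x{ctype:02x} is not an alert")
    # An Alert body is exactly AlertLevel (1 byte) + AlertDescription (1 byte)
    if length != 2 or len(record) != 5 + length:
        raise ValueError("alert body must be exactly 2 bytes")
    level, description = struct.unpack("!BB", record[5:7])
    return {
        "version": VERSION_NAME.get(version, f"0x{version:04x}"),
        "level": ALERT_LEVEL.get(level, f"unknown({level})"),
        "description": ALERT_DESCRIPTION.get(description, f"unknown({description})"),
        "code": description,
    }


if __name__ == "__main__":
    # Constructed input: the same hex string the iRule sends for TLSv1.2
    record = bytes.fromhex("1503030002022C")
    print(record.hex(), parse_alert(record))
```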