Brad_53264
Feb 03, 2012Nimbostratus
Route traffic based on SSL client certificate
I need to route incoming traffic to two different pools based on matching a pattern of the SSL client certificate subject.
Here are examples of 4 different SSL client certificates.
CN=ABC.100.1232123,OU=Organization Unit 1,OU=Organization Unit 2,O=Organization,L=Location,ST=State,C=Country
CN=ABC.100.3212341,OU=Organization Unit 1,OU=Organization Unit 2,O=Organization,L=Location,ST=State,C=Country
CN=ABC.200.1321232,OU=Organization Unit 1,OU=Organization Unit 2,O=Organization,L=Location,ST=State,C=Country
CN=ABC.300.5341213,OU=Organization Unit 1,OU=Organization Unit 2,O=Organization,L=Location,ST=State,C=Country
I need all clients that have ABC.100 or ABC.200 in their subject to be routed to pool1, all other clients should be routed to pool2.
Ideally the list of ABC.100 and ABC.200 would be contained in flat file outside the iRule, so that it can be easily updated.
Can someone help create this iRule?
if ( subject matches ABC.100 or ABC.200 ) {
route pool1
} else {
route pool2
}