iRule needed for setting variables using/checking client certificates
I have user that connect to an appliance and use 2 factor to authenticate. Here is a breakdown:
SSL connection to login page -> User is prompted for AD credentials and the AD credentials are verified -> Users are then prompted for OTP verfication, it passes -> access to webtop
I would want to implemnet client certificates where users that don't present/give a client cert sign in like normal with OTP. If you have a cert i would like to have a variable set that i can filter on in the access policy to prevent users being prompted for OTP.
I found a page below but its not exactly what i need. I need to check the CA and then set a variable that i can call/lookup later in the access policy.
https://devcentral.f5.com/wiki/iRules.ClientCertificateCNChecking.ashx
Basically i am trying to add an irule that checks for a client cert (one form of 2 factor) or the users have to use OTP/authenticator etc...