augustusk
Dec 02, 2015
Nimbostratus
APM iRule Event
I need some assistance on why I get no value for the client certificate CN when running the iRule below. The variable $user gets a value but $cn does not :-(. I have looked in /var/log/ltm and there is nothing. The end goal is to ensure the username for my APM login page matches the client certificate subject received from the client. I need to fill the $cn value to do a comparison and then deny or allow accordingly.
when ACCESS_POLICY_AGENT_EVENT {
    set user [ACCESS::session data get "session.logon.last.username"]
    log local0. "User Login Name: $user"
}
when CLIENTSSL_CLIENTCERT {
    set cn [X509::subject [SSL::cert 0]]
    log local0. "Common Name: $cn"
}
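
An added example, not part of the original post: `X509::subject` returns the whole subject DN rather than the CN alone, so the comparison the post describes needs the CN pulled out of that string first. The sketch below is plain Tcl (the language iRules are written in); the proc names and the sample subjects are constructed for illustration, and the case-insensitive match is an assumption about the directory.

```tcl
# Added example: proc names are hypothetical, sample subjects are constructed.

# Return the CN value from a subject DN string, or "" if there is none.
proc subject_cn {subject} {
    # Accept "CN=" only at the start of the DN or directly after a separator
    # ("," or "/"), so a "CN=" substring inside another attribute's value is
    # not mistaken for the real CN. Escaped separators inside a value are
    # not handled here.
    if {[regexp -nocase {(?:^|[,/])\s*CN\s*=\s*([^,/]+)} $subject -> cn]} {
        return [string trim $cn]
    }
    return ""
}

# Return 1 only when the login name equals the certificate CN.
proc user_matches_cert {user subject} {
    set cn [subject_cn $subject]
    # Fail closed: an empty username or a subject without a CN never matches.
    if {$user eq "" || $cn eq ""} {
        return 0
    }
    # Assumption: login names are case-insensitive in the directory.
    # Drop -nocase for a strict comparison.
    return [string equal -nocase $user $cn]
}

# Constructed test data: user / subject pairs.
foreach {user subject} {
    jdoe  "CN=jdoe,OU=Staff,O=Example Corp,C=US"
    jdoe  "C=US, O=Example Corp, OU=Staff, CN=jdoe"
    jdoe  "CN=jdoe-admin,OU=Staff,O=Example Corp,C=US"
    jdoe  "OU=Staff,O=Example Corp,C=US"
    ""    "CN=,O=Example Corp"
} {
    puts [format "%-6s %-48s -> %d" \
        $user $subject [user_matches_cert $user $subject]]
}
```

Only the first two pairs match; a longer CN, a subject with no CN, and an empty username are all rejected.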