How to changer V9 iRule Insert Certificat Value in HTTP header to V10

Hi all

 

 

We update our LTM's version 9.4.7 to version 10.1.0

 

 

There have a iRule didn't worked. And I know in version 10, used table command to instead session.

 

I haved try to rewrite the iRule.

 

V9 iRule

 

=============================================================

 

when CLIENTSSL_CLIENTCERT {

 

session add [SSL::sessionid] [SSL::cert 0]

 

}

 

when HTTP_REQUEST {

 

set id [SSL::sessionid]

 

set cert [session lookup $id]

 

HTTP::header insert SSLCLIENTCERTSUBJECT [X509::subject $cert],[X509::issuer $cert],[X509::version $cert],[X509::serial_number $cert],[X509::not_valid_before $cert],[X509::not_valid_after $cert]

 

HTTP::header insert issuer [X509::issuer $cert]

 

HTTP::header insert versionnum [X509::version $cert]

 

HTTP::header insert serial [X509::serial_number $cert]

 

HTTP::header insert not_valid_before [X509::not_valid_before $cert]

 

HTTP::header insert not_valid_after [X509::not_valid_after $cert]

 

}

 

==============================================================

 

 

V10

 

==============================================================

 

when CLIENTSSL_CLIENTCERT {

 

table set [SSL::sessionid] [SSL::cert 0]

 

}

 

when HTTP_REQUEST {

 

set cert [table lookup [SSL::sessionid]]

 

HTTP::header insert SSLCLIENTCERTSUBJECT [X509::subject $cert],[X509::issuer $cert],[X509::version $cert],[X509::serial_number $cert],[X509::not_valid_before $cert],[X509::not_valid_after $cert]

 

HTTP::header insert issuer [X509::issuer $cert]

 

HTTP::header insert versionnum [X509::version $cert]

 

HTTP::header insert serial [X509::serial_number $cert]

 

HTTP::header insert not_valid_before [X509::not_valid_before $cert]

 

HTTP::header insert not_valid_after [X509::not_valid_after $cert]

 

}

 

==============================================================

 

 

But there have errer in the log.

 

 

local/tmm err tmm[26191]: 01220001:3: TCL error: insert_cert_to_header_2 - while executing "X509::subject $cert"

 

local/tmm7 err tmm7[26198]: 01220001:3: TCL error: insert_cert_to_header_2 - while executing "X509::subject $cert"

 

 

It's my irule right?

 

 

thanks.