DataScript: avi.ssl.client_cert
Function | avi.ssl.client_cert( [[avi.CLIENT_CERT] [, avi.CLIENT_CERT_FINGERPRINT] [, avi.CLIENT_CERT_SUBJECT] [, avi.CLIENT_CERT_ISSUER] [, avi.CLIENT_CERT_SERIAL]] ) |
Description | Returns the client certificate in the PEM format for an established SSL connection. Optional parameters will filter the fields returned from the client certificate. |
Events | HTTP_REQ HTTP_RESP |
Parameter | When no argument or avi.CLIENT_CERT is specified, returns the client certificate in the PEM format for an established SSL connection from the client to the virtual service, with each line except the first prepended with the tab character. avi.CLIENT_CERT_SUBJECT returns the subject DN string. avi.CLIENT_CERT_ISSUER returns the issuer DN string. avi.CLIENT_CERT_SERIAL returns the serial number. avi.CLIENT_CERT_FINGERPRINT returns the SHA1 fingerprint (hash) of the cert. |
Returns | Up to five arguments, pertaining to the client cert and its fields. |
Example 1 | If the cert's issuer isn't correct, add the issuer to a header and forward to a quarantine server pool.
|
Example 2 | Logs the client cert attributes for the SSL connection.
|