Forum Discussion
Maxim_Taskov_90
Nov 15, 2011Nimbostratus
Thanks for the fast reply hoolio. Yes, I am on 9.4.7, so the $:: prefix isn't really needed.
The iRule continues to function fine if authorized and valid but unauthorized client certificate is received. However, the iRule co9ntinues to crash with the following TCL error and allow the connection:
Nov 15 20:34:59 tmm tmm[1672]: 01220001:3: TCL error: client_cert_check - command returned bad code: 32 while executing "if {[SSL::cert count] > 1 and [SSL::cert 0] ne ""}{ set subject_dn [X509::subject [SSL::cert 0]] log local0. "Client Certificate Received:..."
Now the connection is at least rejected when client certificate is not presented but nothing appears in the log.
Thanks again for your help.