Forum Discussion
chin_15339
Nimbostratus
thanks Stanislas but the rule is still not working when there is no client certificate presented I want the page to redirect to /Certmissing
Stanislas_Piro2
Apr 30, 2017Cumulonimbus
Hi,
Can you explain what are 192 and 168 hostnames? (it make me think about 192.168.x.x).
when RULE_INIT {
set static::debug 1
}
when CLIENTSSL_CLIENTCERT {
Example Subject DN: /C=AU/ST=NSW/L=Syd/O=Your Organisation/OU=Your OU/CN=John Smith
set subject_dn [X509::subject [SSL::cert 0]]
if { $subject_dn != "" }{
if { $static::debug }{ log "Client Certificate received: $subject_dn"}
}
}
when HTTP_REQUEST {
if { [HTTP::host] contains "192" && [HTTP::host] && [HTTP::uri] equals "/" } {
switch -glob -- $subject_dn {
"" {HTTP::redirect "/Certmissing.html"}
"*CN=Vinit-A*" {HTTP::redirect "/vinit-A.html"}
"*CN=Vinit-B*" {HTTP::redirect "/vinit-B.html"}
"*CN=Vinit-B*" {HTTP::redirect "/vinit-C.html"}
}
} elseif { [HTTP::host] contains "168" && [HTTP::uri] equals "/" }{
if { $subject_dn eq "" } {HTTP::redirect "/Certmissing.html"}
}
}