Forum Discussion
yeser
Apr 17, 2008Nimbostratus
The actual iRule is harder:
when CLIENT_ACCEPTED {
set collecting 0
set renegtried 0
}
when HTTP_REQUEST {
if { $renegtried == 0
and [SSL::cert count] == 0
and [HTTP::uri] starts_with
"/XXXXXXX" } {
HTTP::collect
set collecting 1
SSL::cert mode request
SSL::renegotiate
}
}
when CLIENTSSL_HANDSHAKE {
if { $collecting == 1 } {
set renegtried 1
HTTP::release
}
}
when HTTP_REQUEST_SEND {
clientside {
if { [SSL::cert count] > 0 } {
HTTP::header insert "auth-cert" [X509::whole [SSL::cert 0]]
}
}
}
This iRule is working OK on all SO but on W2K3 and IE6 & 7. So I try the easiest iRule to request or require a cert on W2K3 and it doesn't work:
when HTTP_REQUEST {
SSL::cert mode request
}
Any idea?? i don't find anything on askf5.
Thanks