X509::subject_public_key_RSA_bits

Description

Returns the size, in bits, of the subject’s public RSA key of the specified X509 certificate. This command is only applicable when the public key type is RSA. Otherwise, the command generates an error.

Syntax

X509::subject_public_key_RSA_bits <X509 certificate>

X509::subject_public_key_RSA_bits <X509 certificate>

  • Returns the size, in bits, of the subject’s public RSA key of the specified X509 certificate.

Examples

when CLIENTSSL_CLIENTCERT {
  set client_cert [SSL::cert 0]
  log local0. "Cert subject - [X509::subject $client_cert]"
  log local0. "Cert subject public key RSA bits - [X509::subject_public_key_RSA_bits $client_cert]"
  if { [X509::subject_public_key_RSA_bits $client_cert] <= 1024 } {
    SSL::verify_result 50
  }
  set error_code [SSL::verify_result]
  log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
}
when HTTP_REQUEST {
  if { [info exist error_code] } {
    if { $error_code > 0 } {
      HTTP::redirect "https://some_other_site/"
    }
  }
}