ltm rule command X509 subject public key RSA bits
iRule(1) BIG-IP TMSH Manual iRule(1)
X509::subject_public_key_RSA_bits
Returns the size of the subjectaXXs public RSA key of an X509
certificate.
SYNOPSIS
X509::subject_public_key_RSA_bits CERTIFICATE
DESCRIPTION
Returns the size, in bits, of the subjectaXXs public RSA key of the
specified X509 certificate. This command is only applicable when the
public key type is RSA. Otherwise, the command generates an error.
Syntax
X509::subject_public_key_RSA_bits
* Returns the size, in bits, of the subjectaXXs public RSA key of the
specified X509 certificate.
RETURN VALUE
Returns the size of the subjectaXXs public RSA key of an X509
certificate.
VALID DURING
ANY_EVENT
EXAMPLES
when CLIENTSSL_CLIENTCERT {
set client_cert [SSL::cert 0]
log local0. "Cert subject - [X509::subject $client_cert]"
log local0. "Cert subject public key RSA bits - [X509::subject_public_key_RSA_bits $client_cert]"
if { [X509::subject_public_key_RSA_bits $client_cert] <= 1024 } {
SSL::verify_result 50
}
set error_code [SSL::verify_result]
log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
}
when HTTP_REQUEST {
if { [info exist error_code] } {
if { $error_code > 0 } {
HTTP::redirect "https://some_other_site/"
}
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)