ltm rule command X509 verify cert error string
iRule(1) BIG-IP TMSH Manual iRule(1)
X509::verify_cert_error_string
Returns an X509 certificate error string.
SYNOPSIS
X509::verify_cert_error_string ERROR_CODE
DESCRIPTION
Returns the same result as the OpenSSL function
X509_verify_cert_error_string(). Values for the argument must be the same values as those that the SSL::verify
result command returns.
Syntax
X509::verify_cert_error_string
* Returns the same result as the OpenSSL function
X509_verify_cert_error_string(). Values for the argument must be the same values as those that the
SSL::verify result command returns.
RETURN VALUE
Returns an X509 certificate error string.
VALID DURING
ANY_EVENT
EXAMPLES
when CLIENTSSL_CLIENTCERT {
set cert [SSL::cert 0]
log local0. "Cert subject - [X509::subject $cert]"
set error_code [SSL::verify_result]
log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.0 --First introduced the command.
BIG-IP 2017-01-31 iRule(1)