ltm rule command X509 verify cert error string

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



X509::verify_cert_error_string
       Returns an X509 certificate error string.

SYNOPSIS
       X509::verify_cert_error_string ERROR_CODE

DESCRIPTION
       Returns the same result as the OpenSSL function
       X509_verify_cert_error_string(). Values for the  argument must be the same values as those that the SSL::verify
       result command returns.

       Syntax

       X509::verify_cert_error_string 

	    * Returns the same result as the OpenSSL function
	      X509_verify_cert_error_string(). Values for the  argument must be the same values as those that the
	      SSL::verify result command returns.

RETURN VALUE
       Returns an X509 certificate error string.

VALID DURING
       ANY_EVENT

EXAMPLES
	when CLIENTSSL_CLIENTCERT {
	  set cert [SSL::cert 0]
	  log local0. "Cert subject - [X509::subject $cert]"
	  set error_code [SSL::verify_result]
	  log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-9.0.0 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)