ltm rule command SSL tls13 secretΒΆ

iRule(1)					  BIG-IP TMSH Manual					     iRule(1)

SSL::tls13_secret
       Return data about various TLS 1.3 secrets.

SYNOPSIS
       SSL::tls13_secret client (app | hs | early)

       SSL::tls13_secret server (app | hs)

DESCRIPTION
       Return TLS 1.3 session secrets. Choose which side (client or server) and which secret. "app" references the
       first traffic secret, "hs" -- the handshake traffic secret and "early" -- the client early traffic secret.

RETURN VALUE
       SSL::tls13_secret client app
	   Returns the client app secret.  SSL::tls13_secret server app
	   Returns the server app secret.  SSL::tls13_secret client hs
	   Returns the client handshake secret SSL::tls13_secret server hs
	   Returns the server handshake secret.  SSL::tls13_secret client early
	   Returns the client early traffic secret

VALID DURING
       CLIENTSSL_HANDSHAKE

EXAMPLES
	when CLIENTSSL_HANDSHAKE {
	    log local0. "ClientSSL: Client Handshake Traffic Secret [SSL::clientrandom] is -> [SSL::tls13_secret client hs]"
	    log local0. "ClientSSL: Server Handshake Traffic Secret [SSL::clientrandom] is -> [SSL::tls13_secret server hs]"
	    log local0. "ClientSSL: Client App Traffic Secret [SSL::clientrandom] is -> [SSL::tls13_secret client app]"
	    log local0. "ClientSSL: Server App Traffic Secret [SSL::clientrandom] is -> [SSL::tls13_secret server app]"
	    log local0. "ClientSSL: Client Early Traffic Secret [SSL::clientrandom] is -> [SSL::tls13_secret client early]"
	}

	Sample log output:
	Oct 20 00:48:15 kyle-1 info tmm[17817]: Rule /Common/tls13 : ClientSSL: Client Handshake Traffic Secret d178111e08e5fd160872c40d57583b99771a32da445c355c4210db20cc7fafbd -> 45bb7e8c64f22c1875caf360c55bf117
	Oct 20 00:48:15 kyle-1 info tmm[17817]: Rule /Common/tls13 : ClientSSL: Server Handshake Traffic Secret d178111e08e5fd160872c40d57583b99771a32da445c355c4210db20cc7fafbd -> 15a0d98b60eca9643e028f69d9ff0f37
	Oct 20 00:48:15 kyle-1 info tmm[17817]: Rule /Common/tls13 : ClientSSL: Client App Traffic Secret d178111e08e5fd160872c40d57583b99771a32da445c355c4210db20cc7fafbd -> 011ff5c058845b5df8401403b818497f
	Oct 20 00:48:15 kyle-1 info tmm[17817]: Rule /Common/tls13 : ClientSSL: Server App Traffic Secret d178111e08e5fd160872c40d57583b99771a32da445c355c4210db20cc7fafbd -> 15a0d98b60eca9643e028f69d9ff0f37
	Oct 20 00:48:15 kyle-1 info tmm[17817]: Rule /Common/tls13 : ClientSSL: Client Early Traffic Secret d178111e08e5fd160872c40d57583b99771a32da445c355c4210db20cc7fafbd -> 792a88c7a2faf9003a5d4155918c48170d611c7b7e1b428815d9b72ce781523a

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-XX.X.X --First introduced the command.

BIG-IP						      2020-06-23					     iRule(1)