ltm rule command X509 subject public key RSA bits
iRule(1) BIG-IP TMSH Manual iRule(1)
X509::subject_public_key_RSA_bits
Returns the size of the subjectXs public RSA key of an X509 certificate.
SYNOPSIS
X509::subject_public_key_RSA_bits CERTIFICATE
DESCRIPTION
Returns the size, in bits, of the subjectXs public RSA key of the specified X509 certificate. This command is
only applicable when the public key type is RSA. Otherwise, the command generates an error.
Syntax
X509::subject_public_key_RSA_bits
* Returns the size, in bits, of the subjectXs public RSA key of the
specified X509 certificate.
RETURN VALUE
Returns the size of the subjectXs public RSA key of an X509 certificate.
VALID DURING
ANY_EVENT
EXAMPLES
when CLIENTSSL_CLIENTCERT {
set client_cert [SSL::cert 0]
log local0. "Cert subject - [X509::subject $client_cert]"
log local0. "Cert subject public key RSA bits - [X509::subject_public_key_RSA_bits $client_cert]"
if { [X509::subject_public_key_RSA_bits $client_cert] <= 1024 } {
SSL::verify_result 50
}
set error_code [SSL::verify_result]
log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
}
when HTTP_REQUEST {
if { [info exist error_code] } {
if { $error_code > 0 } {
HTTP::redirect "https://some_other_site/"
}
}
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-9.0.0 --First introduced the command.
BIG-IP 2020-06-23 iRule(1)