ltm rule command X509 subject public key RSA bits

iRule(1)					  BIG-IP TMSH Manual					     iRule(1)

X509::subject_public_key_RSA_bits
       Returns the size of the subjectXs public RSA key of an X509 certificate.

SYNOPSIS
       X509::subject_public_key_RSA_bits CERTIFICATE

DESCRIPTION
       Returns the size, in bits, of the subjectXs public RSA key of the specified X509 certificate. This command is
       only applicable when the public key type is RSA. Otherwise, the command generates an error.

       Syntax

       X509::subject_public_key_RSA_bits 

	    * Returns the size, in bits, of the subjectXs public RSA key of the
	      specified X509 certificate.

RETURN VALUE
       Returns the size of the subjectXs public RSA key of an X509 certificate.

VALID DURING
       ANY_EVENT

EXAMPLES
	when CLIENTSSL_CLIENTCERT {
	  set client_cert [SSL::cert 0]
	  log local0. "Cert subject - [X509::subject $client_cert]"
	  log local0. "Cert subject public key RSA bits - [X509::subject_public_key_RSA_bits $client_cert]"
	  if { [X509::subject_public_key_RSA_bits $client_cert] <= 1024 } {
	    SSL::verify_result 50
	  }
	  set error_code [SSL::verify_result]
	  log local0. "Cert verify result - [X509::verify_cert_error_string $error_code]"
	}
	when HTTP_REQUEST {
	  if { [info exist error_code] } {
	    if { $error_code > 0 } {
	      HTTP::redirect "https://some_other_site/"
	    }
	  }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-9.0.0 --First introduced the command.

BIG-IP						      2020-06-23					     iRule(1)