Requirement :
Client Certificate Comman Name: ( CN) should be checked and if matched a redirect has to be set and if there is no client certificate the page has to be redirected to a different link
Requirement :
Client Certificate Comman Name: ( CN) should be checked and if matched a redirect has to be set and if there is no client certificate the page has to be redirected to a different link
when RULE_INIT {
set static::debug 1
}
when HTTP_REQUEST { if {[SSL::cert count] > 0} {set cert_subject [X509::subject [SSL::cert 0]]
switch -glob -- $cert_subject {
"*CN=Vinit-A*" {HTTP::redirect "/vinit-A.html"}
"*CN=Vinit-B*" {HTTP::redirect "/vinit-B.html"}
"*CN=Vinit-C*" {HTTP::redirect "/vinit-C.html"}
default {HTTP::redirect "/Certmissing.html"}
}
}
else
{
#if no cert presented, redirect
HTTP::respond 302 noserver Location "/certnotavailable.html"
log local0.info "certificate not available"
}
}