| Function |
avi.ssl.get_client_cert_verify_mode() |
| Description |
This DataScript function is used to get the client certificate authentication mode |
| Events |
VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE
VS_DATASCRIPT_EVT_HTTP_REQ
VS_DATASCRIPT_EVT_HTTP_REQ_DATA
|
| Parameters |
None |
| Returns |
This DataScript function returns one of the following values
- 0 indicates the client certificate authentication is either not enabled or disabled.
- 1 indicates that the client certificate authentication is in REQUIRE mode
- 2 indicates that the client certificate authentication is in REQUEST mode with the PKI profile
- 3 indicates that the client certificate authentication is in REQUEST mode without PKI profile
|
| Example |
if avi.ssl.server_name() == "secure.example.com" && avi.ssl.get_client_cert_verify_mode() == 0 then
avi.ssl.set_pki_profile(avi.CLIENT_VERIFY_REQUIRE, "pkiprofile-ca", avi.AUTHENTICATE_ONLY_ONCE)
avi.ssl.renegotiate()
end
|
