SSL:client_cert()
Returns the status of client-certificate-verify, whether or not it is enabled.
Syntax
SSL:client_cert();
Arguments
N/A
Events
Applicable in the following events:
-
CLIENTSSL_HANDSHAKE
-
SERVERSSL_HANDSHAKE
-
CLIENTSSL_RENEGOTIATE
-
SERVERSSL_RENEGOTIATE
Example
when CLIENTSSL_HANDSHAKE{
debug("client handshake\n")
cc=SSL:client_cert();
debug("Client cert: %s \n",cc);
}
Result:
-
If not verify certificate is not set:
Debug output:
client handshake
Client cert: false
-
If enabled verify in client-ssl-profile:
config system certificate certificate_verify edit "verify" config group_member edit 2 set ca-certificate ca6 next end next end config load-balance client-ssl-profile edit "csp" set client-certificate-verify verify next end debug output: client handshake Client cert: true
Supported Version
FortiADC version 5.0.x and later.