Hi We have a Virtual Server that we require a client certificate, and we check it against a customers CA. What our customer is asking if we can restrict it to a single certificate signed by this CA rather than any cert signed by the CA. I have tried to created the following traffic script, to check if the cert is issued by the CA and if the serial number matches, and if it doesnt return a 403 Forbidden, otherwise carry on: $issuer = ssl.clientCertIssuer();
$serial = ssl.clientCertSerial();
if($issuer != "ROOT_CA" && $serial != "AA BB CC DD EE 11 22 33 44 55 66 77 88 ") {
http.sendResponse( 403, "text/html", "Forbidden","" );
} but it is erroring at the start of the serial number: Error: line 4: illegal character: ^"
if($issuer != "ROOT_CA" && $serial != "AA BB CC DD EE 11 22 33 44 55 66 77 88 ") {
^
Error: line 4: illegal character: ^�
if($issuer != "ROOT_CA" && $serial != "AA BB CC DD EE 11 22 33 44 55 66 77 88 ") {
^
Error: line 4: illegal character: ^�
if($issuer != "ROOT_CA" && $serial != "AA BB CC DD EE 11 22 33 44 55 66 77 88 ") {
^ Am I doing this the correct way, or is there a better way to restrict it to a single client certificiate? Thanks in advance Martin
... View more