Forum Discussion
Kevin_Stewart
Employee
Aug 26, 2015The first thing I'd do is remove all of the special conditions from your Client Cert Inspection agent and test again (as in set it back up to evaluate for a valid certificate). Assuming that evaluation passes, you should see all of your session.sl.cert.* data in the sessiondump. By the way, you are getting prompted for a client certificate, yes? The session.ssl.cert.subject value is going to be the full distinguishedName of the subject. Example:
cn=bob.user,ou=mycompany,o=myorg,dc=mydc,dc=com
so you'll either need to modify your conditional a little, or strip off what you need from this before the evaluation.