DataPower

DataPower

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Get certificate info in gatewayScript?

    Posted Thu June 10, 2021 10:11 AM

    Hi,

    Is there a way to extract certificate info in gatewayScript?

    I get the certificate from var://service/tls-info but then I want to extract the subject and the issuer.

    Can that be done?

    Regards

    Jocke D



    #DataPower
    #Support
    #SupportMigration


  • 2.  RE: Get certificate info in gatewayScript?
    Best Answer

    Posted Mon June 14, 2021 06:26 AM

    Hi,

    I haven't seen any way to do this, someone else can fill in if they have more information. One way could be to use transform.xslt() and do the cert specific stuff using a stylesheet...

    --HP



    #DataPower
    #Support
    #SupportMigration


  • 3.  RE: Get certificate info in gatewayScript?
    Best Answer

    Posted Mon June 14, 2021 07:14 AM

    Hi,

    Yes that did work.

    Thanks for pointing me in the right direction. :)

    In file: getSubject.xsl

    <xsl:template match="/">

    <!-- Get subject from SSL client cert -->

    <dp:set-variable name="'var://context/reqData/client_subject'"

    value="dp:auth-info('ssl-client-subject','x500')" />

    </xsl:template>

    In JS-file:

    var transform = require('transform');

    var options = {

    "location": "local:///CardAPI-Rest/getSubject.xsl",

    };

    transform.xslt(options, function(error, nodelist, abortinfo) {

    if (error) {

    //Handle error

    }

    else {

    //Do nothing, value in variable

    }

    });

    /Jocke D



    #DataPower
    #Support
    #SupportMigration


Related Content