Citrix Systems Network Router 9.2 User Manual
Chapter 7 Advanced Expressions: Parsing SSL Certificates
145
certificate.AUTH_KEYID.
EXISTS
EXISTS
Returns a Boolean TRUE if the certificate contains
an Authority Key Identifier extension.
an Authority Key Identifier extension.
certificate.AUTH_KEYID.
ISSUER_NAME
ISSUER_NAME
Returns the Issuer Distinguished Name in the
certificate as a name-value list. An equals sign
(“=”) is the delimiter for the name and the value,
and the slash (“/”) is the delimiter that separates the
name-value pairs.
certificate as a name-value list. An equals sign
(“=”) is the delimiter for the name and the value,
and the slash (“/”) is the delimiter that separates the
name-value pairs.
Following is an example:
/C=US/O=myCompany/OU=www.
mycompany.com/CN=www.mycompany.
com/
emailAddress=myuserid@mycompany.
com
mycompany.com/CN=www.mycompany.
com/
emailAddress=myuserid@mycompany.
com
certificate.AUTH_KEYID.
ISSUER_NAME.
IGNORE_EMPTY_ELEMENTS
Returns the Issuer Distinguished Name in the
certificate as a name-value list and ignores the
empty elements in the list.
certificate as a name-value list and ignores the
empty elements in the list.
For example, the following name-value list has an
empty element following “a=10”:
empty element following “a=10”:
a=10;;b=11; ;c=89
The element following b=11 is not considered an
empty element.
empty element.
certificate.AUTH_KEYID.
KEYID
KEYID
Returns the keyIdentifier field of the Authority
Key Identifier as a blob.
Key Identifier as a blob.
certificate.CERT_POLICY
Returns a string that contains the client certificate
policy. Note that this represents a sequence of
certificate policies.
policy. Note that this represents a sequence of
certificate policies.
Operations That Can Be Specified with the CLIENT.SSL.CLIENT_CERT Prefix
SSL Certificate Operation
Description