Citrix Systems Network Router 9.2 Benutzerhandbuch

CLIENT.SSL.CLIENT_CERT

The following example expression matches a particular time for expiration with 
the information in the certificate:

client.ssl.client_cert.valid_not_after.eq(GMT 2009)

The following table describes time-based operations on SSL certificates.
Operations on Certificate (client.ssl.client_cert) Dates and Times

certificate.

VALID_NOT_AFTER

Returns the last day before certificate expiration. The 
return format is the number of seconds since GMT 
January 1, 1970 (0 hours, 0 minutes, 0 seconds).

certificate.

VALID_NOT_AFTER.

BETWEEN(time1, time2)

Returns a Boolean TRUE value if the certificate validity 
is between the time1 and time2 arguments. Both time1 
and time2 must be fully specified. Following are 
examples:

• GMT 1995 Jan is fully specified. 
• GMT Jan is not fully specified 
• GMT 1995 20 is not fully specified.
• GMT Jan Mon_2 is not fully specified. 
The time1 and time2 arguments must be both GMT or 
both LOCAL, and time2 must be bigger than time1. 

For example, if it is GMT 2005 May 1 10h 15m 30s, 
and the first Sunday of the month, you can specify the 
following (evaluation results are in parentheses). 

• . . .between(GMT 2004, GMT 2006) 

(TRUE) 

• . . .between(GMT 2004 Jan, GMT 2006 

Nov) 

(TRUE) 

• . . .between(GMT 2004 Jan, GMT 

2006) 

(TRUE) 

• . . .between(GMT 2005 May Sun_1, 

GMT 2005 May Sun_3)

 (TRUE) 

• . . .between(GMT 2005 May 1, GMT 

May 2005 1) 

(TRUE) 

• . . .between(LOCAL 2005 May 1, 

LOCAL May 2005 1)

 (TRUE or FALSE, 

depending on the NetScaler system time zone.)

certificate.

VALID_NOT_AFTER.DAY

Extracts the last day of the month that the certificate is 
valid, and returns a number from 1 through 31, as 
appropriate for the date.