A variable must exist before you can manipulate it. To create a new variable, see Create a Variable.
Select the variable you want to manipulate.
Select Extraction from the list.
Select where to extract the value from. See the table below for your options.
Add or choose the parameters by which the edge servers generate the variable value. See below for more details.
Optionally apply a transformation.
Built-in variables offer a basic set of information about a request. However you can also get more context by using set variable about specific headers/cookies/location info/network quality, etc.
You can take a value from a built-in variable and create a user-defined variable to extract additional information from that request.
You can incorporate a read-only variable into a user-defined variable and then modify that value.
You can, within a user variable, extract additional information about the request using the set variable behavior. Specific cookie or header names, location data, networks quality, certificates, etc.
Enter the HTTP header. The header name is case insensitive.
Extract a value from the client-side SSL certificate.
|Version Number||The certificate's X509 version number.|
|Serial||The serial number in hex.|
|MD5 Fingerprint||The MD5 fingerprint, hex encoded. (This value is generated by the <> server based on the certificate's contents).|
|SH1 Fingerprint||The SHA1 fingerprint, hex encoded. (This value is generated by the <> server based on the certificate's contents).|
|Hashed Fingerprint||The fingerprint hashed based on the hashing algorithm in signature_algorithm, hex encoded. (This value is generated by the <> server based on the certificate's contents).|
|Issuer Name||The distinguished name field of the issuer (signer).|
|Subject Name||The distinguished name field of the user.|
|Not Before Date||The not-before date in YYYY/MM/DD HH:MI:SS ZONE format. The ZONE (such as GMT) will only be displayed if it's present in the certificate.|
|Not After Date||The not-after date in YYYY/MM/DD HH:MI:SS ZONE format. The ZONE (such as GMT) will only be displayed if it's present in the certificate|
|Certificate DER Formatted||The entire DER encoded certificate in hex. If the customer wants us to pass this to the origin, the other fields shouldn't be passed as they're all extracted from this value.|
|Certificate PEM Formatted||The certificate in PEM format base64 encoded as one single line without any new-line characters or carriage returns.|
|Cert PEM No Labels||The certificate in PEM format without the header and footer base64 encoded as one single line without any new-line characters or carriage returns.|
|Count||The number of client certificates received. Normally, this should be 1. If the client submits a chain, it will contain the number of all certificates received. If the client doesn't submit a certificate, its value is 0. (This value is generated by the <> server).|
|Status Message||A short message regarding the outcome of the certificate validation. If the certificate is missing, its value is "missing". If it passed validation, its value is "ok". Otherwise, it contains a very short description of the problem (such as "Certificate has expired", etc).|
|Key Length||Returns the size of the key in bits. For example, a 1024 bit RSA key returns "1024". This is helpful to determine FIPS-compliance of a certificate.|
Enter the cookie name. This is case sensitive.
Edgescape fields from which you can extract values:
Path component offset
Choose which value in the URL you want to use as the variable's value.
In a path of
/x/y/z/index.htmlPath component offset 1 is
xPath component offset 2 is
yPath component offset 3 is
Query string parameter
Enter the query string parameter name. This is case sensitive.
Updated 8 months ago