Hello!

We use SSL VPN with certificate based authentication. All users have personal certificates with subjectAltName = email:$USER@$DOMAIN

Would like to extract email from SAN to set it as username under "show vpn-sessiondb anyconnect"

Tried to use LUA script "return cert.subjectaltname" but logs show that returned value is not string

What is the correct way to parse cert.subjectaltname for LUA (ASA)?

Maybe there is a table of all available x509 variables?

Kind rregards,

Vladimir Akhmarov