Need to retrieve the ${request.ssl.clientCertificate}

Article ID: 402359

Updated On:

Products

CA API Gateway

Issue/Introduction

An "Add Audit Details" assertion is used to log the ${request.ssl.clientCertificate} value, but the audit output does not actually show the value.

Environment

Component: CA API Gateway

Resolution

Please refer to the documentation: Require SSL or TLS Transport Assertion

When the "Require Client Certificate Authentication" check box is selected within the "Require SSL or TLS Transport" assertion, the assertion appears in the policy as "Require SSL or TLS Transport with Client Certificate Authentication"; otherwise it appears only as "Require SSL or TLS Transport". The documentation indicates that when the check box is selected, the Gateway saves the client certificate from the SSL/TLS handshake for later authentication and authorization.

The saved information includes ${request.ssl.clientCertificate} and ${request.ssl.clientCertificateChains}. Further, if the "Check Client Certificate Validity Period" check box is cleared, the Gateway collects this information even if the client certificate has expired.

The information is only available after the "Require SSL or TLS Transport with Client Certificate Authentication" assertion in the policy. Otherwise, the variables always return a null value.