Brian_Ceryak_86
Nimbostratus
Jan 05, 2007

cert works in 9.1.0 but not 9.1.2

The following code worked in 9.1.0 but not in 9.1.2. The iRule is intended to take a client certificate, base64 encode it, pass it along to the server, and make all kinds of good stuff happen. With the upgrade, however, it "appears" the certificate received at the server does not match the client data that is also passed along. Yes, that's right, it seems as though the client certificate gets swapped with data from another session!

The server makes a decision on what type of client is attaching based on the certificate passed. So let's say certificate A is accompanied by a username and department, and certificate B with a username, department, and address. Certificate A has, and not in all cases, data that's only present with CertB and vice versa. Like I said, worked quite well in 9.1.0 but not 9.1.2. Any help is appreciated.

    when CLIENTSSL_CLIENTCERT {
        # Put the certificate in the session table, keyed by the SSL session ID,
        # with a 180 second timeout
        session add ssl [SSL::sessionid] [SSL::cert 0] 180
    }

    when HTTP_REQUEST {
        # Get the certificate back out of the session table
        set id [SSL::sessionid]
        set cert [session lookup ssl $id]
        set clientip [IP::remote_addr]

        if { $cert ne "" } {
            log "ClientIP:$clientip | Status: Success| subject: $cert"
            session delete ssl $id
        } else {
            log "ClientIP:$clientip | Status: NoCert| id:none"
            log "reject"
            reject
            return
        }

        # Pass the certificate and values derived from it to the server as HTTP headers
        HTTP::header insert X.509 [b64encode $cert]
        HTTP::header insert SSLClientCertSubject [X509::subject $cert]
        HTTP::header insert SSLClientSerialNumber [X509::serial_number $cert]
        HTTP::header insert ClientIP [IP::remote_addr]
        log "Inserting HTTP header ClientCert: $cert"
    }
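
The symptom described above (a certificate arriving with another session's derived data) is something the receiving server can detect on its own, because the X.509 header carries the certificate itself and the SSLClientCertSubject and SSLClientSerialNumber headers are supposed to be derived from that same certificate. The following is an added Python example, not code from the original post or from F5: a backend-side consistency check that decodes the base64 X.509 header with a minimal DER walker and compares the embedded subject and serial against the two derived headers, so a mismatch is logged instead of silently trusted. The header value formats it assumes (comma separated "K=V" subject, hex serial with optional colons), the function names, and the unsigned stand-in certificate built for the sample input are all constructed for this example.

```python
import base64
from typing import Dict, List, Tuple

# Constructed example: backend-side check of the headers the iRule inserts.
# The DER "certificate" built below is an unsigned structural stand-in, not a real one.

OID_NAMES = {b"\x55\x04\x03": "CN", b"\x55\x04\x06": "C",
             b"\x55\x04\x0a": "O", b"\x55\x04\x0b": "OU"}


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Read one DER tag-length-value at pos; returns (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                               # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _children(value: bytes) -> List[Tuple[int, bytes]]:
    """Split a constructed DER value into its (tag, value) children."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = _read_tlv(value, pos)
        out.append((tag, val))
    return out


def cert_fields(der: bytes) -> Dict[str, object]:
    """Pull serialNumber and subject out of a DER X.509 certificate."""
    _, cert_body, _ = _read_tlv(der, 0)             # Certificate ::= SEQUENCE
    _, tbs, _ = _read_tlv(cert_body, 0)             # TBSCertificate ::= SEQUENCE
    fields = _children(tbs)
    if fields[0][0] == 0xA0:                        # optional [0] EXPLICIT version
        fields = fields[1:]
    # order: serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    serial = int.from_bytes(fields[0][1], "big", signed=True)
    parts = []
    for _, rdn in _children(fields[4][1]):          # Name ::= SEQUENCE OF SET (RDN)
        for _, atv in _children(rdn):               # AttributeTypeAndValue ::= SEQUENCE
            (_, oid), (_, val) = _children(atv)
            parts.append(f"{OID_NAMES.get(oid, oid.hex())}={val.decode()}")
    return {"serial": serial, "subject": ",".join(parts)}


def _norm_subject(s: str) -> frozenset:
    """Order- and whitespace-insensitive view of a 'CN=x, OU=y' style string."""
    return frozenset(p.strip() for p in s.split(",") if p.strip())


def check_headers(headers: Dict[str, str]) -> List[str]:
    """List every way the derived headers disagree with the certificate in X.509.

    Assumes SSLClientCertSubject is comma separated 'K=V' and SSLClientSerialNumber is
    hex, optionally colon separated; adjust if your BIG-IP version formats them differently.
    """
    try:
        fields = cert_fields(base64.b64decode(headers["X.509"], validate=True))
    except (KeyError, ValueError, IndexError) as exc:
        return [f"X.509 header missing or undecodable: {exc!r}"]
    problems = []
    if _norm_subject(headers.get("SSLClientCertSubject", "")) != _norm_subject(fields["subject"]):
        problems.append("SSLClientCertSubject does not match the subject inside X.509")
    claimed = headers.get("SSLClientSerialNumber", "").replace(":", "").strip()
    try:
        if int(claimed, 16) != fields["serial"]:
            problems.append("SSLClientSerialNumber does not match the serial inside X.509")
    except ValueError:
        problems.append("SSLClientSerialNumber is missing or not hexadecimal")
    return problems


# --- constructed test material: tiny DER encoder and an unsigned stand-in certificate ---
def _der(tag: int, value: bytes) -> bytes:
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def _name(attrs: List[Tuple[bytes, str]]) -> bytes:
    return _der(0x30, b"".join(
        _der(0x31, _der(0x30, _der(0x06, oid) + _der(0x0C, v.encode()))) for oid, v in attrs))


def make_fake_cert(serial: int, subject: List[Tuple[bytes, str]]) -> bytes:
    """Structurally valid but unsigned certificate, constructed for this example only."""
    sha256_rsa = _der(0x30, _der(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b") + _der(0x05, b""))
    tbs = _der(0x30,
               _der(0xA0, _der(0x02, b"\x02"))                                 # version v3
               + _der(0x02, serial.to_bytes(serial.bit_length() // 8 + 1, "big"))
               + sha256_rsa
               + _name([(b"\x55\x04\x03", "Constructed Test CA")])            # issuer
               + _der(0x30, _der(0x17, b"070101000000Z") + _der(0x17, b"080101000000Z"))
               + _name(subject)
               + _der(0x30, b"\x00"))                                          # placeholder SPKI
    return _der(0x30, tbs + sha256_rsa + _der(0x03, b"\x00"))                # placeholder signature


def headers_for(cert: bytes, subject: str, serial: str) -> Dict[str, str]:
    """Build the header set the iRule would insert (constructed sample values)."""
    return {"X.509": base64.b64encode(cert).decode(), "SSLClientCertSubject": subject,
            "SSLClientSerialNumber": serial, "ClientIP": "10.0.0.5"}


if __name__ == "__main__":
    cert_a = make_fake_cert(0x1A2B, [(b"\x55\x04\x03", "alice"), (b"\x55\x04\x0b", "dept-a")])
    print(check_headers(headers_for(cert_a, "CN=alice, OU=dept-a", "1a:2b")))   # consistent: []
    # the symptom from the post: certificate from one session, derived data from another
    print(check_headers(headers_for(cert_a, "CN=bob, OU=dept-b", "00:99")))
```

Run the module directly to see the consistent case return an empty list and the swapped case report two mismatches. The check only proves the three headers agree with each other; it cannot tell the server which session the certificate really belonged to, which is why a packet capture at the BIG-IP is still the right next step.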

 

 

    Deb_Allen_18
    Historic F5 Account

    There are a number of other posts on this forum indicating that some issues arose with SSL::cert commands post-9.1.0... From what I remember, they were specific to 9.1 -> 9.2 upgrades, and I don't remember any mention of cross-contamination of user data, either.

    I'd recommend opening a Support case with a tcpdump of the offending traffic.

    /deb