Forum Discussion

Ichnafi's avatar
Ichnafi
Icon for Cirrostratus rankCirrostratus
Mar 07, 2016

Insert certificate in HTTP header fails, depending on what is logged

Hi, I have stumbled upon a strange behavior. I insert a client certificate into the HTTP header. Nothing fancy. Then I wanted to add some DEBUG Messages to see what's happening. And here my confusi...
application delivery
BIG-IP
iRules
Ichnafi's avatar
Ichnafi
Icon for Cirrostratus rankCirrostratus
Mar 07, 2016

Hello Kai,

 

thanks for your reply. The client cert is already in Base64 PEM format, so why double encode it? Why should this brake the insertion, when applying the mentions log statements? Without "log local0. [HTTP::header names]", everything is fine, and the certificate is completely available under the header "X-CLIENT-CERT".

 

Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Mar 07, 2016
I know that the inner body of the cert is already encoded using B64. But the innner body includes also linebreaks that simply destroys your HTTP header. Thats why you have to use a second b64 layer or use URL-Encoding, HEX encoding, or even manually convert the PEM file format to become HTTP/1.1 compliant by inserting SP or HT characters in front of each new line (see RFC2616 4.2). But I guess just applying b64 or URL-Encoding is less complex... Cheers, Kai