Forum Discussion
Ichnafi
Cirrostratus
CirrostratusInsert certificate in HTTP header fails, depending on what is logged
Hi,
I have stumbled upon a strange behavior. I insert a client certificate into the HTTP header. Nothing fancy. Then I wanted to add some DEBUG Messages to see what's happening. And here my confusi...
IchnafiCirrostratus
CirrostratusHello Kai,
thanks for your reply. The client cert is already in Base64 PEM format, so why double encode it? Why should this brake the insertion, when applying the mentions log statements? Without "log local0. [HTTP::header names]", everything is fine, and the certificate is completely available under the header "X-CLIENT-CERT".
Kai_Wilke
MVP
MVPUpdate: Just created a test scenario by inserting a whole cert into a header. It seems that [HTTP::header insert] already adds the required SP characaters in front of each line. But somehow the [HTTP::header names] command don't follow the RFCs and treat the multi-line value as independent headers. Well, its just the output of [HTTP::header names] that is wrong, but the format of the multi-line header ramains valid after [HTTP::header names] execution and should work for you as long as the backend application is following the RFCs. If the multi-line header still causes trouble on your backend application, then just use b64/URL-encodings to make the value less error phrone (aka. becomming a single-line to avoid edge cases)... Cheers, Kai
