Forum Discussion
Gordon_Widera_1
Nimbostratus
NimbostratusInserting client certificate in header request
Hello,
I have an iRule that works but I need to modify the prefex of the header request.
when HTTP_REQUEST {
if {[SSL::cert count] > 0} {
HTTP::header replace SSL_Client_Cert [X509::whole [SSL::cert 0]]
}
}
The above iRule inserts a clients public certificate into a header request. The problem ist that "HTTP_" is being added along with the certificate. How can I insert the certificate without the "HTTP_" being added?
BEFORE==========================================
HTTP_SSL_CLIENT_CERT = -----BEGIN CERTIFICATE----- MIID+DCCA2GgAwIBAgIDAinrMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAlVT RgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRIwEAYDVQQDEwlET0QgQ0EtMTUwHhcNMDcwNDI1MDAwMDAwWhcNMTAw NDAxMjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu bWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxEzARBgNVBAsTCkNPTlRS
AFTER===========================================
SSL_CLIENT_CERT = -----BEGIN CERTIFICATE----- MIID+DCCA2GgAwIBAgIDAinrMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAlVT MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRIwEAYDVQQDEwlET0QgQ0EtMTUwHhcNMDcwNDI1MDAwMDAwWhcNMTAw NDAxMjM1OTU5WjCBgzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu bWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxEzARBgNVBAsTCkNPTlRS
Thanks
Gordon_Widera_1Me again, I should add that I working with Oracle Application Server 10g- Try this:
when HTTP_REQUEST { if {[SSL::cert count] > 0} { HTTP::header replace SSL_Client_Cert [substr [X509::whole [SSL::cert 0]] 5] } } 
georgeg_32284SSL::cert count in HTTP_REQUEST always returns 0 although client do authenticate with a certificate. in CLIENTSSL_HANDSHAKE event this is not 0 (in the same iRule). In the iRule reference says that SSL::cert should be available in HTTP_REQUEST; is it wrong or am I missing something?
