Forum Discussion

sgnormo's avatar
sgnormo
Icon for Cirrus rankCirrus
Nov 29, 2022

iRule Header Insert

I have a F5 setup for C3D (working), but the customer states they also need the original user certificate, so added an iRule to insert the whole user certificate doing the header insert.

Customer has come back and said that need the certificate without the "-----BEGIN CERTIFICATE----- ----END CERTIFICATE----" 

Is that possible?

 

  • Hi Sgnormo,

    the most intuitive method would be to [string map] unwanted parts out of your certificate. 

     

     

    set truncated_cert [string map [list "-----BEGIN CERTIFICATE-----" "" "----END CERTIFICATE----" "" "\n" ""] $original_cert]

     

     

    The more nerdy way is to read the input, skip the first 27 chars (aka. total length of -BEGIN CERTIFICATE-), and then keep the remaining char till the next occourence of "-" (aka. first char of -END CERTIFICATE-).

     

     

    set truncated_cert [substr $original_cert 27 "-"]

     

     

    Note: The certificate is b64 encoded, so its safe to say that the certificate itself does not contain the "-" char.

    Cheers, Kai 

  • Hi Sgnormo,

    the most intuitive method would be to [string map] unwanted parts out of your certificate. 

     

     

    set truncated_cert [string map [list "-----BEGIN CERTIFICATE-----" "" "----END CERTIFICATE----" "" "\n" ""] $original_cert]

     

     

    The more nerdy way is to read the input, skip the first 27 chars (aka. total length of -BEGIN CERTIFICATE-), and then keep the remaining char till the next occourence of "-" (aka. first char of -END CERTIFICATE-).

     

     

    set truncated_cert [substr $original_cert 27 "-"]

     

     

    Note: The certificate is b64 encoded, so its safe to say that the certificate itself does not contain the "-" char.

    Cheers, Kai