Guys thanks.
I am making progress....they are trying to replicate a WebSphere plugin. Here is a trace of what it does:
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestCreate: Creating the request object
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htresponse: htresponseCreate: Creating the response object
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htresponse: htresponseInit: initializing the response object
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htresponse: htresponseInit: done initializing the response object
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetMethod: Setting the method |GET|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetURL: Setting the url |/intermediaryaccess/servlet/IntermediaryAuthenticationServlet|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetURL: Setting the query string |RequestID=AUTHENTICATION_CERTIFICATE_LOGON&action=init
ial&branding=&source=SLAC&urlParamTargetPage=https%3A%2F%2Fwpssyst1.advisertest.com%2Fadviser%2Fsecure%2Fadviserzone%2FServices%2FgotoSecureService%3Fid%3DdoLogin|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: mod_was_ap20_http: cb_get_headers: In the get headers callback
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Accept| to value |image/gif, image/x-xbitmap, image/
jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, application/xaml+xml, application/x-ms-
xbap, application/x-ms-application, */*|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Referer| to value |https://syst.advisertest.com/inte
rmediaryaccess/servlet/IntermediaryAuthenticationServlet|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Accept-Language| to value |en-gb|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |UA-CPU| to value |x86|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Accept-Encoding| to value |gzip, deflate|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |User-Agent| to value |Mozilla/4.0 (compatible; MSIE
7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 1.0.3705; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Host| to value |syst-cert.advisertest.com|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Cookie| to value |SBANavCookie=114_8_-38_-61_24_-108
_104_-57_27_89_103_-67_51_-18_52_-4_79_9_29_-61_102_-73_-88_-105_-47_-81_65_6_73_-30_47_83_-19_18_-52_76_-26_-23_54_-57_-10_-15_5_22_-125_50_126_74_0_-58_-56_98_-23_-
1_-97_104_-95_13_101_-48_-38_72_-87_17_-109_-39_-96_-62_-58_44_59_; SBAAuthCookie=-11
9_75_126_-110_-125_50_-75_95_-112_-102_-5_-64_-40_121_27_28_; autheticationMethodCookie=Y|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Connection| to value |Keep-Alive|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |Cache-Control| to value |no-cache|
This next header WSCC is the certificate:
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSCC| to value |MIIG7zCCBNegAwIBAgIQEZV1hgfaH00918h
mISp9hzANBgkqhkiG9w0BAQ0FADBYMQswCQYDVQQGEwJHQjErMCkGA1UEChMiT3JpZ28gU2VjdXJlIEludGVybmV0IFNlcnZpY2VzIEx0ZDEcMBoGA1UEAxMTT3JpZ28gUm9vdCBDQSAtIEcyTTAeFw0xMjA4MzAwMDAwM
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSCS| to value |RC4-MD5|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSIS| to value |true|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSSC| to value |https|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSPR| to value |HTTP/1.1|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSRA| to value |172.31.104.161|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSRH| to value |172.31.104.161|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSSN| to value |syst-cert.advisertest.com|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSSP| to value |443|
[Fri Nov 16 17:47:05 2012] 000da02a 00000809 - TRACE: lib_htrequest: htrequestSetHeader: Setting the header name |$WSSI| to value |AA2gKnwJoT4xajzq6d7FmSizqiRYWFhYUKZ
So now I need to check with application guys to see eactly which of the header fields are required....
You can see that certificate is encoded and I have tried setting the variable as $WSCC rather than X509Certificate:
e.g. HTTP::header insert \$WSCC [X509::whole [SSL::cert 0]]