Inserting the client certificate in a header
When you need the client certificate on the real server:
when CLIENTSSL_CLIENTCERT {
set cert [SSL::cert 0]
session add ssl [SSL::sessionid] $cert
}
when HTTP_REQUEST {
set cert [session lookup ssl [SSL::sessionid]]
regsub -all {([\\-]+(BEGIN|END) CERTIFICATE[\\-]+)|\n} [X509::whole $cert] {} chdr
HTTP::header insert CLIENT_CERT $chdr
}
0
Comments
when CLIENTSSL_CLIENTCERT { set cert [SSL::cert 0] } when HTTP_REQUEST { regsub -all {([\\-]+(BEGIN|END) CERTIFICATE[\\-]+)|\n} [X509::whole $cert] {} chdr HTTP::header insert X-CLIENT-CERT $chdr }when HTTP_REQUEST { set cert [X509::whole [SSL::cert 0]] regsub -all {\n|-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----} $cert "" newcert HTTP::header insert "X-Client-SSL-Cert" $newcert }