Inserting the client certificate in a header

mischa · January 21, 2013, 2:33pm

When you need the client certificate on the real server:

`when CLIENTSSL_CLIENTCERT { set cert [SSL::cert 0] session add ssl [SSL::sessionid] $cert }

when HTTP_REQUEST { set cert [session lookup ssl [SSL::sessionid]] regsub -all {([\-]+(BEGIN|END) CERTIFICATE[\-]+)|\n} [X509::whole $cert] {} chdr HTTP::header insert CLIENT_CERT $chdr }`

mischa · March 22, 2013, 2:39pm

Slightly modified version without the persistency table:

`when CLIENTSSL_CLIENTCERT { set cert [SSL::cert 0] }

when HTTP_REQUEST { regsub -all {([\-]+(BEGIN|END) CERTIFICATE[\-]+)|\n} [X509::whole $cert] {} chdr HTTP::header insert X-CLIENT-CERT $chdr }`

mischa · October 11, 2013, 3:03pm

Other alternative when HTTP_REQUEST {
set cert [X509::whole [SSL::cert 0]]
regsub -all {\n|-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----} $cert "" newcert
HTTP::header insert "X-Client-SSL-Cert" $newcert }

Discussion		Replies	Views
insert the client SSL certificate into a header aFleX	0	252	October 1, 2011
aFleX - Request client certificate to authenticate . aFleX aflex	0	562	November 3, 2015
LB decisions based on SSL CA and Common Name aFleX	0	21	October 6, 2013
Replace/Clear X-Forwarded-4 or insert if not existent aFleX	3	171	November 22, 2015
Maintaining client Source ip using Source nat aFleX	4	1261	June 18, 2018

Inserting the client certificate in a header

Related topics