Those lines are part of the PEM certificate without them the cert is not
valid. What is the problem on the backend side with this?
On Thu, Apr 5, 2012 at 8:27 AM, <oh...@cox.net> wrote:
> Hi,
>
> I am using Apache (2.2.x) as a proxy. The Apache is enabled for
> 2-way/client-authenticated SSL.
>
> In one situation (in a specific <Location> section), I need to be able to
> pass the PEM of the client certificate to the proxied server, with a
> specific HTTP header name.
>
> I've actually been able to pass the raw PEM as an HTTP header using just
> the RequestHeader directive:
>
> RequestHeader set "my_ssl_client_cert" "%{SSL_CLIENT_CERT}e"
>
> But, that raw PEM has the "-----BEGIN CERTIFICATE-----" and "-----END
> CERTIFICATE-----" strings before and after the actual certificate PEM.
>
> I've been trying to figure out how to get just the certificate PEM into
> the HTTP header for awhile, mostly using SetEnvIfNoCase, but when I try
> that, I always end up with an empty string or null in the header.
>
> Given that I seem to be able to get the PEM from the SSL_CLIENT_CERT
> envvar, it seems like there SHOULD be a way to get that into a request
> header, but I haven't been able to do that yet, and am truly stumped, so I
> was hoping that someone here might know how to do that?
>
> Thanks in advance,
> Jim
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
