Hello,
I use nginx as a reverse-proxy.
I would like to set a header, more precisely a header that contain the
SSL
client certificate.
However, the variable ‘$ssl_client_cert’ add some character that I don’t
want (like tab characters)
<<
proxy_set_header X-SSL-CLI-CERT $ssl_client_cert;
I test with ‘$ssl_client_raw_cert’, but the webserver in backend (here
apache) doesn’t understand the certificate and return this :
<<
request failed: error reading the headers
I see a previous post mentionning a workarount with ‘map’ (
Problem with proxy_set_header $ssl_client_cert) :
<<
map $ssl_client_raw_cert $a {
“~^(-.-\n)(?<1st>[^\n]+)\n((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?
[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?((?[^\n]+)\n)?(-.-)$”
$1st;
}
But in debug log file of nginx, I have an error :
<<
[alert] 19820#0: 21 pcre_exec() failed: -8 on "
…
CERTIFICATE CONTENT
…
" using "^(-.-
)(?<1st>[^
…
I’m using nginx version 1.6.2, do you know another workaround please ?
Thank you.