Hi,
I'm using the following architecture
Client > Apache HTTP Server > OHS > WLS
Where OHS stands for Oracle Http Server and WLS stands for Oracle Weblogic Application Server.
Using HTTPS, I've stablished a 2 way SSL configuration for all the segments in the connection.
WLS uses an specific header called WL-Proxy-Client-Cert which contains the client certificate encoded in Base64 and then maps one of the DN attributes to a user for authentication. This is solved in OHS by the use of Weblogic Plugin wich adds this specific header to the request when setting SSLOptions +ExportCertData.
This works fine when using the following Client > OHS > WLS. The original client certificate is passed to Weblogic. But when we add the Apache HTTP Server, this information needs to be passed manually using RequestHeader add WL-Proxy-Client-Cert "%{SSL_CLIENT_CERT}s". The thing is that this adds the Base64 Certificate adding -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- and various carriage returns (I assume this is due to OpenSSL) but Weblogic doesn't recognize and requires the Base64 encoding in just one line without any additional caracters at the begining and the end.
Is there a way to achieve this one line Base 64 certificate? Do I need to change any configuration? I tried to look for a way of striping those caracters inside the httpd.conf file but found nothing. Any workaround suggestion?
Thanks in advance.
Matías Visbeek
