I’m trying to raise the following virtual service
apiVersion: networking.istio.io/v1beta1 kind: VirtualService metadata: name: example-virtual-service namespace: example spec: gateways: - istio-system/istio-gateway hosts: - '*' http: - match: - uri: prefix: /app/ rewrite: uri: / route: - destination: host: example-host port: number: 8000 headers: request: add: X-SSL-Client-Certificate: '-----BEGIN%20CERTIFICATE-----%0AMIIC1..........%0A-----END%20CERTIFICATE-----%0A'
Without the header I can easily
curl to my application but with the certificate as an header it fails.
If I change the value from the encoded certificate to
example for example I get the value successfully in my logs
Request has env of HTTP_X: HTTP_X_SSL_CLIENT_CERTIFICATE with value: example. I also get this warning that I bet it is related but it is an warning to an error:
warning envoy config gRPC config for type.googleapis.com/envoy.config.route.v3.RouteConfiguration rejected: field '20CERTIFICATE-----' not supported as custom header.
I need to pass the certificate as an header. Anyway to do so?