Nimbostratus
Employee
the thing is variable will exist only or this connection (except if you were using global variables which is not the case here). Your variable enccert exist only for this connection. Since your browser will open many connection you'll need to authenticate for each. If your client use HTTP1.0 it will be authentication for each object
HTTP::collect is useless here. It may be used if you need to look at the payload manually, through the HTTP::command you don't need such manipulation
I can't test this one right one but it should work properly.
when HTTP_REQUEST {
if { ([SSL::cert count] == 0) and ([HTTP::uri] starts_with "/XXXXXX") } {
SSL::authenticate once
SSL::authenticate depth 3
SSL::cert mode request
SSL::renegotiate
}
else {
HTTP::header insert "auth-cert" [X509::whole SSL::cert 0]]
}
}
when CLIENTSSL_HANDSHAKE {
HTTP::release
}
Try to make a search on this forum for keyword like SSL::authenticate you will have some working example.
HTH
N.