Skip to content Skip to sidebar Skip to footer

How To Decode `x-arr-clientcert` Header Using Python?

How do I decode the X-ARR-ClientCert header passed by Azure App Service to my Azure Function code? Example: HTTP-triggered, Python Azure Function Azure App Service configured to a

Solution 1:

Since you are adding the client certificate from Postman, it's in DER (binary) format. You can decode the x509 certificate from bytes itself using Python cryptography.

from cryptography import x509

# header is base64 encoded string, so extract the bytes first
req_cert_str = req.headers.get("X-ARR-ClientCert") 
req_cert_bytes = base64.b64decode(req_cert_str)

cert = x509.load_der_x509_certificate(req_cert_bytes)

# do stuffs with cert
logging.info(f'Received client cert with serial number: {cert.serial_number}')

Note: If the certificate was PEM format, you would need to use x509.load_pem_x509_certificate(req_cert_bytes)


Post a Comment for "How To Decode `x-arr-clientcert` Header Using Python?"