My Oracle Support Banner

Duplication of HTTP headers at first outbound call using mutual SSL-authentication (Doc ID 1641476.1)

Last updated on NOVEMBER 22, 2019

Applies to:

Siebel CRM - Version [23021] and later
Generic UNIX


Duplicate HTTP headers (such as "soapAction", "Content-Type", "Accept" and "Authorization") can be produced

 int the 1st (since Siebel Siebel Server startup) outbound HTTP call (e.g. Outbound Web Service call) from Siebel CRM / EAI HTTP Transport when following conditions are met:

  - OS type of Siebel Application Server is  Unix

  - HTTP is secured using mutual-SSL authentication

  -  external Web Server requests user authentication (e.g. basic HTTP Authentication)

This may lead that external Web Service provider (e.g. the SOAP Service implementation) fails to properly proceed the request (returns HTTP 500).

NOTE: the detailed tracing of the EAI Transport events will not show the duplication. This could be captured in either by a network sniffer or by external web sever logger.



The issue has been detected and reproduced for Siebel CRM running on OS  Linux and connecting by SOAP/HTTP-SSL to service running on Oracle WebLogic Server on OS Linux

The  behaviour could not be reproduced, when Siebel CRM was running on Windows OS and on any OS type when server-only SSL authentication was used.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.