Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

HTTPS Reverse Proxy

When using ASG to terminate SSL sessions (SSL Offloading), it’s sometimes needed to get the client certificate (mutual authentication) and pass some SSL info such as SSL Session IDs and Client-SSL Certificate information (e.g. certificate fingerprint and serial number) inside HTTP header to be used and processed by the protected web applications.
An example of this use; let’s assume that I have a plain-text web application with certificate-based user authentication, so, it’s necessary to have such features in my WAF appliance.

23 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Ahmed ElayyanAhmed Elayyan shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Jim HarrisonJim Harrison commented  ·   ·  Flag as inappropriate

        The only way for the UTM to accomplish this would be for it to build a spoof client cert based on the original client cert particulars and signing it with the a CA certificate that that the published server trusts.

      Feedback and Knowledge Base