Forum Discussion

AceHunter1965's avatar
Icon for Altostratus rankAltostratus
Dec 15, 2021

BIG-IP Forward Client Cert To Node

Hey all,


At our company, we have a BIG-IP cluster bridging two networks, with servers / client on both sides (we also have the AWAF module which goes over HTTP requests).


Some of our websites require mutual TLS, but the thing is we have a lot of client certificates, and can't load all of them into BIG-IP.

Is there a way to forward the client certificate to the server? We need the certificates to be presented during the handshake and not sent as a header.



2 Replies

  • An important note - We use a single virtual server since all requests go through the same port and into the same IP

  • Proxy SSL is the answer. check this for more information: