Forum Discussion

Nimbostratus

Dec 04, 2015

Client Certificate is not passing through back end hosts

I have SSL terminated at F5, we have client certificate for client authentication coming via application request. The client certificate is not passed through the back end systems hence it is reject...

Employee

Dec 05, 2015

is this not a use case for Proxy SSL feature?

It is indeed, but a) you didn't mention ProxySSL in your original question, and b) ProxySSL comes with some pretty significant caveats.

As with any SSL "man-in-the-middle"-type solution, ProxySSL requires knowledge of the server's private key and an RSA-based key exchange between the client and server. This last requirement is proving harder to achieve as the industry moves away from non-perfect forward secret cryptography.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client Certificate is not passing through back end hosts

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

Request Client Certificate And Pass To Application

Passing Arguments to iCall Scripts

Automate Let's Encrypt Certificates on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS