Forum Discussion
Simon_Blakely
Aug 03, 2020Employee
You need to use SSL::renegotiate
As you say, you need to examine the X-Forwarded-For header, but that does not arrive until after TLS negotiation.
So you establish un-authenticated TLS, and then examine the XFF header, select the new TLS settings, and SSL::renegotiate
However, the actual endpoint from the client perspective will be Silverline, who will be terminating TLS. I don't really see how you can make this work in this context.