Forum Discussion
Chris_Miller
Jan 24, 2011Altostratus
I'm running into an issue with this rule. For us to see whether the client has a cert, we'd need to decrypt the data. So, if we're simply doing pass through, we wouldn't see whether the user had a certificate.
I'm hoping someone else can think of an option here. I assume we want to use the SSL::cert count command here but as that's not callable from client_accepted, I'm not sure how it can be done. We can certainly decide whether to re-encrypt the traffic on the backend, but a straight pass through might not be possible.