Rejection of CORS option call with client certificate authentication in Chrome

Hi All,

 

We have server side APIs which requests client certificate for authentication. We have enabled the .cert domain for requesting client certificate from consumers.

 

Now these APIs are then called by applications from their systems which is of cross origin than my server is. server already has proper handling for enabling CORS.

 

This fails with CORS options request in chrome with "ERR_CONNECTION_RESET".

 

This works in firefox and Safari.

 

We don't see the request reaching to our backend server. Maybe the request is rejected by the load balancer. We have implemented the SSL handshake at the load balancer level.

 

Is the above scenario supported by BigIp load balancer ?

 

Best Regards, Saurav