I have the following configuration setup and am trying to determine how to enable C3D to create a certificate based of provided HTTP headers.
Outside F5 (Terminates SSL and inserts headers from validated certificate) -> Middle F5 (AWAF) -> Inside F5 (Re-encrypt and use C3D to connect to the back-end service) -> Apache HTTPD
I have C3D enabled on the Inside F5 with a valid self-signed CA for testing.
The inserted headers from the Outside F5 are available on the inside Apache HTTP server.
How can I enable C3D on the Inside F5 to produce the new certificate with supplied headers?
Some attempts I have used is to insert accepted X headers and SSL_CLIENT headers. In both cases I have inserted the X_CLIENT_CERT and SSL_CLIENT_CERT along with associated, subjects, serials, version, etc.
