Passthrough Clientcertificate from Client -> F5 -> Back-End-Server
Hello,
we've configured a Virtual Server with an attached HTTPS client and HTTPS server profile.
We would like to use Client Certificate Authentication between the User (Client) and our Back-End-Server (Node).
The problem is, that the SSL connection terminates on the F5 System. So we are not able to pass through the SSL Client Certificate Information to Back-End-Server (Node)
Also the validity of the Client-Certificate should be checked on the F5. The CA-Certificate of the Client-Certificate should be placed on the F5 and only these Client-Certificates should be able to call the node. It should be possible to allow more than one ROOT-Certificate.
The SSL-Proxy Mode is no option for us, because we can only use weak ciphers when the Mode is active.
Is there a way to pass through the SSL Client Certificate to Back-End-Server? Maybe with an iRule?
Kind Regards
Winnie