Constrained Certificate Delegation from HTTP Headers
I have the following configuration setup and am trying to determine how to enable C3D to create a certificate based of provided HTTP headers. Outside F5 (Terminates SSL and inserts headers from validated certificate) -> Middle F5 (AWAF) -> Inside F5 (Re-encrypt and use C3D to connect to the back-end service) -> Apache HTTPD I have C3D enabled on the Inside F5 with a valid self-signed CA for testing. The inserted headers from the Outside F5 are available on the inside Apache HTTP server. How can I enable C3D on the Inside F5 to produce the new certificate with supplied headers?