The 'forward-client-cert' attribute


Article ID: 166961


Updated On:


ProxySG Software - SGOS


The 'forward-client-cert' attribute
You want information on the attribute 'forward-client-cert'


If the ProxySG HTTPS service is configured to require a client certificate, then information from the client certificate is extracted and put into a header that is included in the request when it is forwarded to the origin content server.

The name of the header is "Client-Cert". The header contains the certificate serial number, subject, validity dates and issuer (all as name=value) pairs. The actual certificate itself is not forwarded. The intent is to allow the origin content server to get information about the client (since the client's certificate is validated by the ProxySG).