The 'forward-client-cert' attribute

book

Article ID: 166961

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

The 'forward-client-cert' attribute
You want information on the attribute 'forward-client-cert'

Resolution

If the ProxySG HTTPS service is configured to require a client certificate, then information from the client certificate is extracted and put into a header that is included in the request when it is forwarded to the origin content server.

The name of the header is "Client-Cert". The header contains the certificate serial number, subject, validity dates and issuer (all as name=value) pairs. The actual certificate itself is not forwarded. The intent is to allow the origin content server to get information about the client (since the client's certificate is validated by the ProxySG).