TLS Proxy with Certificate Authentication

Question

I'd like to proxy TLS to TLS but where the target destination uses certificate authentication. So, the TLS Proxy should request a certificate, then add it as a custom header (X-SSL-CERT) to the forwarded request.

How would I have to configure the TLS proxy to get this done?

Comments

The `X-SSL-CERT` header is supported from v1.7.0 (https://www.rebex.net/tls-proxy/#version-history)

Answer 1

This functionality is currently not supported, however it looks like an interesting feature.

I will add it to our buffer of possible features. We let you know here, if we decide to add it in a future.

UPDATE:

It is available from v1.7.0:

--http-x-ssl-cert <format>
Indicates whether to modify HTTP traffic by including/overwriting the X-SSL-CERT request header with the provided client certificate. Optional.
Supported values: None, URL-encoded, Base16, Base64.
Note: To request client certificates on inbound tunnel, use --request-client-certificate true option.
Note: When using None value, the X-SSL-CERT header is not sent (removed if the client sent it).
Note: When the client did not provide any client certificate and the connection was not rejected, the empty X-SSL-CERT header is sent.
Only takes effect when protocol is HTTP capable.