Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client certificate check fails

    Scheduled Pinned Locked Moved
    Cache/Proxy
    1
    1
    176
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sensewolf
      last edited by

      Hi,

      I am using HAProxy on my pfSense and for one domain I have enabled the checking of client certificates.

      Under SSL Offloading, there is the setting SNI filter where I can enter the subdomains for which HAProxy should request the client's certificate. If I enter each subdomain, it works. But if I enter just *.domain.tld it does not work (i.e. HAProxy does not request the client's certificate). But my understanding is that this should work as well, because it is given as an example directly there in the GUI ("EXAMPLE: *.securedomain.tld !public.securedomain.tld").

      So, am I misinterpreting the example, or is there a bug?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post