Guenther, Christian wrote:
Hi Allan,
thanks for your reply.
I'd like to take the chance and clarify two points, just to make sure.
you said:
the backend *code* has a access to the client certificate.
is it your backend *webserver* or is it your backend *code* that is
handling the validation
Hi Allan,
If I get that right your solution would provide the client certificate to the backend server in the form of a header variable. Is that correct? Therefor the client certificate would not be available as part of a normal, standard conform SSL handshake but be essentially be copied in
