Hi,
mutual authentication is finished in the unencrypted handshake. Can haproxy authenticate the client WITHOUT offloading (patch server hello to request client certificate, examine the reply for a valid cert and finally remove the client certificate and the CertificateVerify from it)?
CU