I have internal users that want to access an external API.
The API requires a client certificate to be presented and seems to be using SNI. We dont want to give the users the client certificate and so we want to have a central location the users can get to that will send the request on to the API with the the client certificate.
I am thinking having port 80 for the users to connect to and then SSL outbound from haproxy, that way we dont have to match certs names internally.
Does anyone know if this is even possible.
Appreciate any help with this.