HAPROXY : client certificate validation
Today at the office, the security team ask me to secure our reverse proxy by adding a client certificate validation to only trust the client host CN. So here is my method to verify the client certificate CN according to the expected one : frontend frontend_foo mode tcp bind *:443 ssl crt /etc/ssl/certs/haproxy_reverse.proxy.company.com.pem ca-file /etc/ssl/certs/autorite_chain_haproxy.pem…