NSX Advanced Load Balancer optionally inserts the client’s certificate, or parts of it, into a new HTTP header to be sent to the server. To insert multiple headers, the plus icon is used. These inserted headers are in addition to any headers added or manipulated by the more granular HTTP policies or DataScripts.

  • HTTP Header Name : Name of the headers to be inserted into the client request that is sent to the server.

  • HTTP Header Value : Used with the HTTP Header Name field, this field is used to determine the field of the client certificate to insert into the HTTP header sent to the server. Several options are more general, such as the SSL Cipher, which lists the ciphers negotiated between the client and NSX Advanced Load Balancer. These generic headers may be used for non-client certificate connections by setting the Validation Type to Request.

L4 SSL/TLS Application Profile

Starting with NSX Advanced Load Balancer version 18.2.3 release, client certificate verification on L4 SSL/TLS applications are supported. Refer to the Configuring L4 SSL/TLS Profile section of the How to Enable Client Certificate Authentication on NSX Advanced Load Balancer article.