Hi,
Is it possible to define WAF rules based on the mTLS connection? For example, can I restrict access so that CN=xxx is blocked, while CN=yyy is allowed to access the application? Currently, mTLS only performs certificate validation, and Client Authentication Rules determine which certificate details are forwarded to the backend server.
Regards,
Renaz
#On-PremisesWAF(formerlySecuresphere)------------------------------
Renaz Pirhan
------------------------------