2.2. Client-Cert HTTP Header Field

In the context of a TLS terminating reverse proxy deployment, the proxy makes the TLS client certificate available to the backend application with the Client-Cert HTTP header field. This field contains the end-entity certificate used by the client in the TLS handshake.

Client-Cert is a Byte Sequence with the value of the header encoded as described in Section 2.1.

The Client-Cert header field is only for use in HTTP requests and MUST NOT be used in HTTP responses. It is a singleton header field value as defined in Section 5.5 of [HTTP], which MUST NOT have a list of values or occur multiple times in a request.

Figure 2 in Appendix A has an example of the Client-Cert header field.
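
A backend-side check for the singleton and Byte Sequence rules above, as an added example that is not part of the specification text. The function name, the `(name, value)` header-list shape and the sample bytes are assumptions of this example, and it is deliberately stricter than a general Structured Fields parser: it rejects parameters and unpadded base64.

```python
import base64
import binascii
import re

# Byte Sequence syntax: ":" base64 ":" and nothing else in the field value.
_BYTE_SEQUENCE = re.compile(r":([A-Za-z0-9+/]*={0,2}):")

# Constructed sample input: a few DER-looking bytes, not a real certificate.
SAMPLE_DER = bytes.fromhex("3003020101")
SAMPLE_VALUE = ":" + base64.b64encode(SAMPLE_DER).decode("ascii") + ":"


class ClientCertError(ValueError):
    """The request carried a malformed or ambiguous Client-Cert field."""


def extract_client_cert(headers):
    """Return the decoded bytes of Client-Cert, or None if the field is absent.

    headers: list of (name, value) pairs, one pair per received header line,
    so that a repeated field is still visible (assumed input shape).
    """
    values = [v for (n, v) in headers if n.lower() == "client-cert"]
    if not values:
        return None
    if len(values) > 1:
        # Singleton field: more than one occurrence is rejected, not merged.
        raise ClientCertError("Client-Cert occurs multiple times")
    # A comma-separated list or trailing parameters fail the full match.
    match = _BYTE_SEQUENCE.fullmatch(values[0].strip(" \t"))
    if match is None:
        raise ClientCertError("Client-Cert is not a single Byte Sequence")
    try:
        der = base64.b64decode(match.group(1), validate=True)
    except binascii.Error as exc:
        raise ClientCertError("Client-Cert carries invalid base64") from exc
    if not der:
        raise ClientCertError("Client-Cert is empty")
    return der  # hand these bytes to an X.509 library for parsing


if __name__ == "__main__":
    request = [("Host", "backend.example"), ("Client-Cert", SAMPLE_VALUE)]
    print(extract_client_cert(request).hex())
```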