Hi, I need your help in resolving the below query.
In our project, we are using HAProxy for load balancing the logs from multiple clients. These logs would come from various endpoints, over HTTP. We have a requirement to authenticate each of these clients before processing them. We are planning for client certificate based authentication. Question: If we have multiple client certificates (around 500 client certificates one for each client), what would be the processing overhead to validate the client. But, we are not sure at this point whether to go with a common CA for all customers or one CA each per customer. So, our questions are: 1. Is client certificate the best way? 2. If so, can we have multiple Certification Authorities (say per end-point) configured at HAProxy level? 3. What would be impact on performance and how would the verification happen? Kindly suggest. Regards, Kumar.
