Hi Willy, We cannot find a solution for case below. Can you confirm that as now we havo to sacrifice a public ip with haproxy for every accepting client certificate backend ?
Thank you " We configured haproxy for client certificates: bind <IP>:443 ssl crt <path> ca-file <path> verify optional Configuring in this way (at bind stage), however, haproxy always ask client certificate if present in the certificate store - for all domain, for all backends. There is solution so haproxy ask/manage client certificates only for specific domain or other request matching ? So it is possible to share a bind on <IP>:443 port for mixed backends, accepting/requesting client certificates and other not using client certificates. " Roberto
