Hello, I am trying to implement a Solr cluster with mutual authentication using client and server SSL certificates. I have both client and server certificates signed by CA. The set up is working good, however any client cert that chains up to issuer CA are able to access the Solr cluster without validating the actual client cert that is added to the trust store of the server. Is there any way that we could enforce validation of client cert UID and DC on Solr server to ensure only allowed client certs are able to access the Solr ?
Solr version used - 4.10.3 and 5.4.1 Container used - jetty Thanks in advance. Regards, Gautham
