Proxy Authentication

Final step is to enable proxy authentication by the client certificates. In order to do that we need to tell the application which certificate authorities should be used to verify certificates of the connecting clients.

In this tutorial we will re-use the decryption certificate authority for this purpose, so open the Admin UI / Proxy Settings / Authentication / Client Certificates and use the Import button to import the C:\ProgramData\Diladele\WebProxy\N.N\etc\myca.pem file as shown on the following screenshot.

See this article for more information.

Import Client Certificate Validating Authority

Finally, enable client TLS authentication.

Enable Client TLS Certificate Authentication

Save and Restart from Admin UI and try browsing though the proxy. The browser should show a dialog allowing you to select the client certificate to present to the proxy.

Browser asking for client certificate authentication

User name should now be visible in the traffic monitor node.

User Name Visible