I would like tlsx to return back a client_cert_required attribute to indicate whether or not the remote server requires clients to authenticate using a certificate.
Describe the use case of this feature:
A common security practice when using third-party edge services like Cloudflare is to require mutual TLS between the edge service and the backend web servers to ensure that third-parties are not able to bypass the edge service and make requests to the web servers directly. In these cases, it is useful to be able to scan a particular set of endpoints to determine whether or not there are any that are missing this control that need to be remediated.
Please describe your feature request:
I would like
tlsx
to return back aclient_cert_required
attribute to indicate whether or not the remote server requires clients to authenticate using a certificate.Describe the use case of this feature:
A common security practice when using third-party edge services like Cloudflare is to require mutual TLS between the edge service and the backend web servers to ensure that third-parties are not able to bypass the edge service and make requests to the web servers directly. In these cases, it is useful to be able to scan a particular set of endpoints to determine whether or not there are any that are missing this control that need to be remediated.