Mutual SSL / mTLS
Nova allows mutual SSL, accepting (or requiring) client certificates, validating them, and passing that information on to your backend servers.
In any SSL terminated ADC you may go to the 3rd tab and view the Client SSL options. Here can you specify a CA file (uploaded in Certificate Management on Nova) to use on the Nodes.
Set the mode to optional or required, and submit to apply the changes.
Mutual SSL Headers
Nova will insert the following headers into the HTTP request to your upstream application with the client SSL details.
X-SSL X-SSL-Client-Verify X-SSL-Client-DN X-SSL-Client-CN X-SSL-Issuer X-SSL-Client-NotBefore X-SSL-Client-NotAfter
Note: only your upstreams will see these headers, clients do not.