My question:
How to ensure the same ssl client certificate is being sent to the target system after a redirect takes place?
Details (like screenshots):
How I found the problem:
At our company, we are in the process of establishing a system for unique identifiers that, based on various request attributes (HTTP_ACCEPT = text/html | application/json), will redirect a HTTP request to the right provider (web frontend | the REST API).
After the redirect, the certificate that ends up being sent is not the one originally sent to the unique identifiers system.
I’ve already tried:
Setting to on Automatically follow redirects as well as Follow Authorization headers in the request settings:
