In LoadMaster firmware version 7.2.53, support was added for Client Certificate client authentication with no server side authentication. This is useful in cases where ESP is simply needed for pre-authentication (which is possible using the certificate) and where other credentials are then passed on in the Real Sever (username/password/multi-factor authentication, and so on). To configure this, follow the steps below in the LoadMaster WUI:

  1. Go to Virtual Services > View/Modify Services.
  2. Click Modify on the relevant Virtual Service.
  3. Expand the SSL Properties section and ensure that SSL Acceleration is Enabled.
  4. Expand the ESP Options section and ensure that ESP is enabled.
  5. Set the Client Authentication Mode to Client Certificate and the Server Authentication Mode to None.
  6. Configure any other setting as needed.