sorry if I'm not clear
When my client performs a search, ldap proxy forwards the request to the backend.
client : ldapsearch -H ldap://ldap.fr -b "dc=appli,dc=test,dc=com" -D "uid=root,dc=test,dc=com" -w "pwd"
the logs are as follows (backend): 67b8c3fd.134650d5 0x7f12f7fff6c0 conn=1001 fd=11 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.3 tls_cipher=TLS_AES_256_GCM_SHA384 67b8c3fd.13667ba6 0x7f12fcdfe6c0 conn=1001 op=0 BIND dn="uid=root,dc=test,dc=com" method=128 67b8c3fd.136c7879 0x7f12fcdfe6c0 conn=1001 op=0 BIND dn="uid=root,dc=test,dc=com" mech=SIMPLE bind_ssf=0 ssf=256 67b8c3fd.137b3dbf 0x7f12fcdfe6c0 conn=1001 op=0 RESULT tag=97 err=0 qtime=0.000627 etime=0.002286 text=
method=128 indicates that the proxy requests external sasl authentication but it does not happen. The proxy certificate does not seem to be used and the client bind is used.
Why is the proxy certificate not used even though the mutual TLS connection is established?