Unfortunately the ACE can't do such a thing, when it comes to client authentication the client cert will be used exclusively for client validation, meaning that the cert provided by the requestor must match with the one that has been configured on the ACE, but that's it.
On ACE decryption happens before L7 load balancing so even if you take client authentication out of the picture and say that you're dealing with a SAN certificate, ACE needs to decrypt the traffic first and then match the appropiate host header in order to send the traffic to the SF in question.
From the post below you can see that Gilles states the feature is not even on the ACE roadmap, you may want to raise the flag with your sales team.
The unmanaged mode is also known as Network only switching, which is introduced in Brazos release. It adds the flexibility for customer to use only network automation for service appliance.
If a device is configured a...
Usually, we can access ESXi Shell by pressing Alt+F1 from ESXi DCUI (Direct Console User Interface).
But on HyperFlex system, it just shows black window.
This is expected behavior because HyperFlex redirects ESXi Shell output to SoL...
Configuring an Export Policy Using the GUI
This procedure explains how to configure an Export policy using the APIC GUI. Follow these steps to trigger a backup of your data:
On the menu bar, choose Admi...