If by "validate SSL client-certificates against Microsofts Active Directory" you mean have the ASA confirm that the certificate the client holds is valid, it does it by checking its CRL, in case it uses that method, can also use OCSP as you might know.
Now, as for the "act as a SSL proxy between server and client" thingy, i know that the newest member of the ASA-frewall family, the ASA CX [it's actually a module], has a TLS/SSL proxy feature.
Couldn't find a document stating that fact though, i guess you can always reach out for your Cisco rep and get that clarified.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...