I’m using a Http.sys net core application. I have done various researches (I could also be wrong) but the only way to enable “Authenticated Origin Pulls” seems to be to create a middleware that verify the certificate “origin-pull-ca.pem” installed on my server (root local machine) and comparing it with the client one.
Well, actually only when I enable Authenticated Origin Pulls I receive the Cloudflare pull origin certificate from the client. Correct. My problem is that I don’t find anything comparable with the “origin-pull-ca.pem”. The public key is different, the thumbprint is different.
So, how I should compare the “origin-pull-ca.pem” certificate with the one received from the client?