An API that I need to use requires mTLS (mutual TLS) for connection. As I understand, my client application needs its own certificate to authenticate in the API server. I know that "Let's Encrypt" offers free TLS certificates, but they requires to own a domain. It's obvious for server certificates, but what about clients? Is there any service that offers free certificates without necessity of owning a domain?
Asked
Active
Viewed 16 times
-1
-
If an API requires authentication by client certificates it usually has specific requirements who has issued the certificate and what the content is, i.e. you cannot simply use a certificate issued by an arbitrary public CA for some domain. Check with the ones who provide the API for the details. – Steffen Ullrich Aug 31 '23 at 17:00
-
Thanks @SteffenUllrich. I'm trying to get such information from the API owners. – pkalinow Sep 01 '23 at 06:51