Questions tagged [mtls]

Use for mutual TLS, a technology to enhance network security.

mTLS, or mutual TLS, is common in Zero Trust Networking architectures, where it is used to increase security in internal networks, especially when deployed in a cloud environment.

mTLS is often implemented with a Service Mesh in a Kubernetes cluster.

222 questions
3
votes
3 answers

MTLS Cloudfront/ApiGateway AWS

Didn't find any material on how to implement Cloudfront + MTLS or Api Gateway + MTLS. Is it possible? If not, is there any alternative to achieve MTLS with CloudFront + ApiGateway?
Carlos
3
votes
1 answer

Istio Sidecar proxy fails to start due to Invalid path on certs mTLS

Auto inject is enabled on namespace and I am attempting to use Auto mTLS. Verified Istio pilot and citadel are running correctly. The Cert secret was properly created and mounted. The istio proxy fails to start with the following logs. The specific…
CodyK
3
votes
0 answers

Istio Egress MTLs for external services

I'm currently (and unsuccessfully) trying to set up MTLs via istio-egressgateway to access an external K8s cluster service. I'm following the instructions specified on istio docs but nothing works as expected, and I'm not able to see where I'm…
3
votes
1 answer

How to do client certificate verification (mTLS) in Starlette/FastAPI

I’m considering using the FastAPI framework for implementing a rather simple API, but it needs to support mTLS. AFAIK FastAPI is based on Starlette. Is it possible to check the client certificate in Starlette?
Fedor
2
votes
0 answers

Mutual Authentication in ActiveMQ Artemis cluster fails to get hostname from client IP address

I have set up an ActiveMQ Artemis cluster (version 2.27.1) to use mutual authentication. When the second node tries to connect to the first one, I get an error WARN [org.apache.activemq.artemis.core.server] AMQ222208: SSL handshake failed for…
Milind
2
votes
1 answer

Is it safe to verify client certificate in ServeHTTP and ignore bad client certificate?

In my app based on Go HTTPS server, I set ClientAuth to RequestClientCert in tls.Config, then in the first call to my ServeHTTP function I call Verify on a client certificate chain taking it from PeerCertificates and save result in the structure…
Roman Maltsev
2
votes
1 answer

Ruby on Rails ActionMailer SMTP Settings mTLS

How would you set up an mTLS connection for Action Mailer in Ruby on Rails?
user2434674
2
votes
1 answer

Cannot read client's X509 certificate in Spring Boot mTLS

I want to read the client's x509 certificate in an mTLS connection. I am using Spring Boot with embedded tomcat. My WebSecurityConfig.java @Configuration @EnableWebSecurity public class WebSecurityConfig { @Bean public SecurityFilterChain…
desertSniper87
2
votes
0 answers

Browser extension background.js mTLS strategy

I have a website + extension similar to 1Password -- user connects to a website once in a while, obtains a Cookie and some Bearer Token and then only uses the extension (background.js + userscript.js modes) going forward. I don't have expectation…
mishka
2
votes
3 answers

Issues when setting up Kafka mTLS with certs from GCP's Certificate Authority Service

I am trying to set up a Kafka cluster with mTLS authentication using certificates signed by GCP's CAS (Certificate Authority Service). I have three Kafka nodes: a master and two workers. Each node has a PEM truststore containing the CA Root…
dippatel
2
votes
0 answers

How to implement mutual TLS in react native

I need to implement mutual TLS in React Native, and I am using axios as a client.
Mina
2
votes
0 answers

ASP.NET Core - having mTLS and OAuth2 at the same time

I have ASP.NET Core RESTful APIs and protect them with JWT token issued from Azure Active Directory. Any client who wants to call the endpoints should first acquire a valid JWT token from the AAD and send that as a Bearer token. My API internally…
Ali
2
votes
0 answers

Can I change client certificate in the browser without a restart?

I am working on using client-side certificates MTLS certificates in Firefox/Chrome and that works fine. But, is there any way I can get the client certificate selector to open so that I can change the client certificate without having to restart the…
Joe Markov
2
votes
0 answers

Python gRPC with MTLS : failed to connect to all addresses

I tried to test gRPC communication with mTLS, but the following error occurred. error message grpc._channel._MultiThreadedRendezvous: <_MultiThreadedRendezvous of RPC that terminated with: status = StatusCode.UNAVAILABLE details =…
H-mount
2
votes
1 answer

executing a .net core self contained app on win 2019 that creates mTLS connection returns The Local Security Authority cannot be contacted

I'm running a self-contained dotnet app on Windows 2019 to execute a simple httpclient get on a remote machine using mTLS with a client certificate. I am loading the client certificate in the application by passing a p12 keystore filepath, which…
Rui Vaz