Questions tagged [mtls]

Use for mutual TLS, a technology to enhance network security.

mTLS, or mutual TLS, is common in Zero Trust Networking architectures, where it is used to increase security in internal networks, especially when deployed in a cloud environment.

mTLS is often implemented with a Service Mesh in a Kubernetes cluster.

222 questions
1 vote, 0 answers

Envoy TLS config causes SSL WRONG_VERSION_NUMBER error

I've set up an Envoy config which connects to Trino on localhost port 11610. It adds TLS configs and redirects to a host. When I call the API, I see the envoy logs resolve the host to the correct IP address, but I get this…
covfefe
1 vote, 1 answer

Unexpected NotValidForName with Rust's tonic with TLS

I am using Rust's tonic library for gRPC with TLS. I get the following error: thread 'main' panicked at 'Failed to create request insight client: tonic::transport::Error(Transport, hyper::Error(Connect, Custom { kind: InvalidData, error:…
dmeister
1 vote, 0 answers

Send client certificate to my origin server with cloudflare

I wanna secure my microservices communication with a client certificate. I generated a client certificate in the Cloudflare dashboard and added a subdomain (y.xxx.com) to DNS with Full (strict) mode and enabled mTLS for the subdomain (y.xxx.com). I send…
1 vote, 2 answers

Where does the client get the client certificate in EST for authentication?

I'm reading about the Enrollment over Secure Transport (EST) protocol, and in the protocol, it says that the EST server could authenticate a client using a client certificate or HTTP Basic Auth or OAuth-2.0. But where does the client get this client…
Saravana Kumar
1 vote, 1 answer

I do not get an error on the client-side during tls-handshake

I am trying around with mTLS and Go. I do not really understand how I got TLS errors during the handshake on the client side. See the following example: package main import ( "crypto/tls" "crypto/x509" "fmt" "strconv" …
user3046582
1 vote, 2 answers

How to perform mTLS in a flutter or iOS application

I have an enterprise Flutter application that needs to launch the login page for the user's Identity Provider (IdP) inside a webview within the app. The IdP supports certificate-based authentication using a certificate present on the user's device…
Jugal Thakkar
1 vote, 1 answer

Does cockroachdb support mTLS?

I need CockroachDB to work securely in my particular cloud setup. Specifically, I need it to perform mutual TLS authentication both when serving SQL and when making outgoing requests via changefeeds, and I need it to do so using a specific root…
histocrat
1 vote, 2 answers

AWS Regional REST API Gateway with custom domain name and mTLS responds with "Empty reply from server"

I have an API Gateway Regional REST API with a lambda proxy integration and a custom domain name, and I need to add mutual TLS. The API is working fine without mTLS. I have followed this guide to enable mTLS and test it with self-signed certificates…
1 vote, 1 answer

How to create self-signed certificate using Ed25519 in C#

I have to generate X509 certificates using Ed25519. I know I should use the RequestCertificate class from the System.Security.Cryptography.X509Certificates namespace, but it seems that it doesn't support Ed25519. That's my scenario: I have a private Ed25519 key…
Szyszka947
1 vote, 0 answers

MTL file along with OBJ file for displaying 3D models in p5.js

I followed the example from the p5.js Reference. It contains an example of how to load an OBJ file in JavaScript with p5.js: //draw a spinning teapot let teapot; function preload() { // Load model with normalise parameter set to true teapot =…
1 vote, 0 answers

The message received was unexpected or badly formatted. .net core 3.1

Problem: The message received was unexpected or badly formatted (in .NET Core 3.1). HRESULT error: SEC_E_ILLEGAL_MESSAGE (0x80090326). Cause: This error happens during the TLS protocol negotiation with the server (mTLS). I have already checked the…
1 vote, 2 answers

AWS API Gateway mTLS - Access denied. Reason: self signed certificate

I've been following this guide by AWS: https://aws.amazon.com/blogs/compute/introducing-mutual-tls-authentication-for-amazon-api-gateway/ pretty much to the letter. This is how I generate the certs: openssl genrsa -out RootCA.key 4096 openssl req…
Amir Asyraf
1 vote, 0 answers

Golang redis cluster mTLS handshake failure

Getting the below error when trying to connect to a Redis cluster using the Golang "github.com/go-redis/redis/v9" client. I am able to successfully connect using redis-cli and Python with an mTLS client certificate, whereas it is failing from Golang. Can anyone…
Nitesh Bv
1 vote, 1 answer

How to generate a RS256 JWT Token in Karate API testing

How can I generate a sha256-RSA-signed JWT token in a Karate (https://github.com/karatelabs/karate) feature file? https://github.com/karatelabs/karate/issues/1138#issuecomment-629453412 has a nice recipe for doing such for an HMAC-SHA256 (or…
1 vote, 1 answer

public cert is not picked from keystore provided in wso2 micro integrator

I have created an MI project using the Hello World Docker template using Integration Studio 7.2.0. I want to set up mTLS for the service. I have configured the keystore like below. deployment.toml [keystore.tls] file_name = "interceptor.jks" password =…
Amila Senadheera