Mutual TLS
Mutual TLS (mTLS) authentication is designed for scenarios where both the client and server need to authenticate each other, ensuring secure, bidirectional communication. This method is typically used in environments where security is critical, such as machine-to-machine interactions or sensitive API communications.
Unlike other authentication methods that rely on user credentials or tokens, mTLS uses digital certificates for authentication. Both the client and the server must possess their own certificates, which are exchanged and verified during the handshake process. This ensures that both parties are who they claim to be before a secure connection is established.
In other words, mTLS provides strong, certificate-based authentication in addition to encrypting the communication, making it more secure than traditional TLS.
Configuration steps
Prerequisite
Before setting up a data source with Mutual TLS (mTLS) authentication, it is essential to obtain the required certificates that enable secure.
The certificate must be in .pem format. The .pem (Privacy Enhanced Mail) format is a base64-encoded format used for storing certificates and keys.
Datasource configuration
From the Elements Connect administration page, create a new datasource of type "URL".
From the datasource configuration page, select Mutual TLS under Authentication.
This will display the following fields:
If your certificate requires a passphrase, fill in the passphrase field before adding the certificate.
A valid certificate status is displayed if the certificate was successfully retrieved. If the certificate has an expiry date, this date is displayed alongside the status.
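As a pre-flight check for the .pem prerequisite and the passphrase note above, the following added example (not part of the Elements Connect documentation or product code) inspects the text of a .pem file and reports whether it holds a certificate, a private key, and whether that key is encrypted and therefore needs a passphrase. The names `inspect_pem` and `make_pem` and the sample blocks are constructed for illustration; the check is structural only and does not validate the certificate chain or expiry.

```python
import base64
import re

# One PEM block: BEGIN line, optional "Name: value" headers, base64 body, END line.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.DOTALL)

def inspect_pem(text):
    """Count certificates and private keys in PEM text and flag encrypted keys."""
    report = {"certificates": 0, "private_keys": 0, "needs_passphrase": False, "errors": []}
    blocks = PEM_BLOCK.findall(text)
    if not blocks:
        report["errors"].append("no PEM blocks found (binary DER or PKCS#12 input?)")
    for label, body in blocks:
        lines = [ln.strip() for ln in body.splitlines() if ln.strip()]
        headers = [ln for ln in lines if ":" in ln]       # base64 never contains ':'
        payload = "".join(ln for ln in lines if ":" not in ln)
        try:
            if not base64.b64decode(payload, validate=True):
                raise ValueError("empty body")
        except ValueError as exc:                          # binascii.Error is a ValueError
            report["errors"].append(f"{label}: invalid base64 body ({exc})")
            continue
        if label == "CERTIFICATE":
            report["certificates"] += 1
        elif label.endswith("PRIVATE KEY"):
            report["private_keys"] += 1
            # PKCS#8 marks encryption in the label; legacy OpenSSL keys in a Proc-Type header.
            legacy = any(h.startswith("Proc-Type:") and "ENCRYPTED" in h for h in headers)
            if label == "ENCRYPTED PRIVATE KEY" or legacy:
                report["needs_passphrase"] = True
    if blocks and report["certificates"] == 0:
        report["errors"].append("no CERTIFICATE block present")
    return report

def make_pem(label, headers=""):
    """Build a constructed PEM block; the body is placeholder bytes, not real key material."""
    body = base64.b64encode(b"constructed placeholder, structure only").decode()
    return f"-----BEGIN {label}-----\n{headers}{body}\n-----END {label}-----\n"

# Constructed samples covering the three key encodings a .pem file may carry.
CERT = make_pem("CERTIFICATE")
PLAIN = CERT + make_pem("PRIVATE KEY")
PKCS8_ENCRYPTED = CERT + make_pem("ENCRYPTED PRIVATE KEY")
LEGACY_ENCRYPTED = CERT + make_pem(
    "RSA PRIVATE KEY", "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n")

if __name__ == "__main__":
    for name, sample in [("plain", PLAIN), ("pkcs8", PKCS8_ENCRYPTED), ("legacy", LEGACY_ENCRYPTED)]:
        print(name, inspect_pem(sample))
```

To check a real file, pass its contents to `inspect_pem`; a result with `needs_passphrase` set means the passphrase field must be filled in before the certificate is added.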