What is Mutual TLS (mTLS)?

PSilva · ‎30-Jul-2021

Mutual Transport Layer Security (#mTLS) establishes an encrypted TLS connection in which both parties use X.509 digital certificates to authenticate and verify each other. MTLS can help mitigate the risk of moving services to the cloud, and prevent malicious third parties from imitating genuine apps. So, let’s start the clock for What is mTLS?

Read What is mTLS? on F5 Labs.

Not only does F5 Labs provide freely available Threat Intelligence, they also have an Educational series covering many types of attacks, threats, and essential security concepts. If you are getting started in cyber security or there’s always been that one topic you’ve never quite understood, #F5Labs will help you learn the basics.

jjamall · ‎15-Dec-2022

Hi All.
I have configured a Client and Server SSL MTLS Certificate in F5, but when I am trying to access the site from outside, gets 403 - Forbidden: Access is denied error.
Do we have any best practices for this configuration.
Thanks, and regards.

PSilva · ‎16-Dec-2022

@jjamall TBH, I'm really not sure of your specific issue but I did find some Support articles

This is a simple 'mtls' search and has a bunch of NGINX solutions: https://support.f5.com/csp/federated-search#q=mtls&firstQueryCause=searchFromLink

This search is 'big-ip mtls' and does have a few F5 Access solutions: https://support.f5.com/csp/federated-search#q=big-ip%20mtls&firstQueryCause=searchFromLink

and if all else fails, you can always contact support/open a case at: support.f5.com

ps

PSilva · ‎20-Dec-2022

@jjamall See this article: Doing mTLS Authentication per URL

DevCentral

What is Mutual TLS (mTLS)?