Mutual TLS credentials

Mutual TLS (also known as MTLS, mutual SSL, mutual authentication, or two-way authentication) is a requirement of certain endpoints, where the server requires verification of the client’s identity.

Tines’ HTTP Request Agent supports mutual TLS through the mutual_tls configuration option. This is most easily used alongside a special mutual TLS credential type.

Creating a mutual TLS credential

Enter the following information in the New Credential page, after selecting mutual TLS from the dropdown:

  • Root certificate: The root certificate file for the certificate authority (CA) responsible for signatures
  • Client certificate: The certificate file issued by the CA for this client
  • Client private key: The private key file for the client certificate

These files will often have the extension .pem or .crt, but any plain text file will be accepted.

Using a mutual TLS credential with a HTTP Request Agent

Include the corresponding credential widget in the agent’s mutual_tls configuration option.

Example

For a mutual TLS credential named “mtls_example”:

{
  "url": "https://internal.tool",
  "method": "get",
  "content_type": "json",
  "mutual_tls": "{% credential mtls_example %}"
}