mTLS
ELI5 — The Vibe Check
Normal TLS: you check that the website is legit. mTLS: you BOTH check each other. The server verifies your certificate, you verify the server's. It's like both people showing ID at a meeting instead of just the host. Essential for service-to-service communication in Zero Trust.
Real Talk
Mutual TLS extends standard TLS by requiring both the client and the server to present an X.509 certificate and verify the other's. This provides bidirectional authentication, so each party confirms the other is who it claims to be. It is commonly used in service meshes, API gateways, and Zero Trust architectures.
When You'll Hear This
"All service-to-service calls use mTLS — every microservice authenticates both sides." / "The service mesh handles mTLS automatically so developers don't manage certificates."
Related Terms
Certificate Pinning
Certificate Pinning means your app only trusts a SPECIFIC certificate, not any cert signed by a trusted CA.
Service Mesh
In a microservices system, every service needs to handle retries, timeouts, mutual TLS, and send traces. You could code all that in every service.
TLS
TLS (Transport Layer Security) is the updated, actually-secure version of SSL. It's the technology that puts the padlock in your browser's address bar.
Zero Trust
Zero Trust means 'never trust, always verify.' Even if you're inside the company network, you still have to prove who you are for every request.