Authenticating with mTLS

FTL clients: pass the client cert, private key, and private key password as properties to the realm connect call.

For example, in the C API, pass TIB_REALM_PROPERTY_STRING_CLIENT_CERT, TIB_REALM_PROPERTY_STRING_CLIENT_PRIVATE_KEY, and TIB_REALM_PROPERTY_STRING_CLIENT_PRIVATE_KEY_PASSWORD to tibRealm_Connect.

eFTL clients: mTLS is not supported.

FTL servers: in the YAML configuration file, set tls.client.cert, tls.client.private.key, and tls.client.private.key.password in the ftlserver.properties section for each FTL server. See Authenticating to other FTL Servers in FTL Server Configuration Parameters.

Administrative tools:

  • mTLS is not supported for the UI or the eFTL REST API.

  • For the FTL REST API, configure the TLS provider to present a client certificate when connecting to the FTL server.

  • If using tibftladmin, specify the --tls.client.cert, --tls.client.private.key, and --tls.client.private.key.password command line parameters. See FTL Administration Utility.
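
Every option above takes the same three inputs: a client certificate, its private key, and the key password. The following pre-flight check is an added example, not part of the FTL documentation or tooling; it confirms that the three belong together before they are placed in a client property set, a server configuration file, or a tibftladmin command line. It assumes PEM-encoded files and the openssl CLI; the function name and the MTLS_KEY_PASSWORD variable are names chosen for this example.

```shell
#!/bin/sh
# Added example: pre-flight check for an mTLS client credential set.
# Assumes PEM files and the openssl CLI; all names here are illustrative.

# check_mtls_credentials CERT KEY
# The key password is read from the MTLS_KEY_PASSWORD environment variable
# (a name chosen for this example) so it never appears in the process list.
# Returns: 0 usable, 1 unreadable certificate, 2 key cannot be decrypted,
#          3 key does not match certificate, 4 certificate expired.
check_mtls_credentials() {
    cert=$1
    key=$2

    # 1. The certificate must parse; extract its public key.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || {
        echo "cannot read certificate: $cert" >&2; return 1; }

    # 2. The private key must decrypt with the supplied password.
    key_pub=$(openssl pkey -in "$key" -passin env:MTLS_KEY_PASSWORD \
                  -pubout 2>/dev/null) || {
        echo "cannot decrypt private key: $key" >&2; return 2; }

    # 3. The key must be the one the certificate was issued for.
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "private key does not match certificate" >&2; return 3
    fi

    # 4. The certificate must still be inside its validity period.
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 || {
        echo "certificate has expired" >&2; return 4; }

    return 0
}
```

A non-zero return identifies which of the three inputs is wrong, which is easier to diagnose than a failed TLS handshake against the FTL server.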