What is mTLS?
Mutual Transport Layer Security (mTLS), also known as two-way TLS, is a security protocol that allows both the client and server to authenticate each other before establishing a secure connection. This is in contrast to traditional TLS, where only the client authenticates the server.
How mTLS Works:
Certificate Exchange: Both the client and server present their respective digital certificates to each other.
Certificate Verification: Each party verifies the authenticity and validity of the other’s certificate using a trusted certificate authority (CA).
Session Establishment: If both certificates are valid, a secure encrypted session is established between the client and server.
mTLS vs TLS
mTLS (Mutual Transport Layer Security) and traditional TLS (Transport Layer Security) share many similarities, but there is one key difference:
Traditional TLS: In traditional TLS, only the server is authenticated. The client trusts the server’s certificate, but the server does not verify the client’s identity. This means that an attacker could potentially impersonate the server and intercept communications without being detected.
mTLS: In mTLS, both the client and server must authenticate each other. This means that both parties present their digital certificates, and each verifies the other’s identity. This added layer of authentication provides a higher level of security and helps prevent man-in-the-middle attacks.
The primary difference between mTLS and traditional TLS is that mTLS requires mutual authentication of both parties involved in the communication, while traditional TLS only requires the server to be authenticated. mTLS authentication is a key component in setting up a Zero Trust Security architecture.
Benefits of mutual TLS
mutual TLS is useful and important because it provides a number of security benefits, including:
- Mutual authentication: mTLS ensures that both the client and server are who they claim to be. This prevents man-in-the-middle(MITM) attacks, where an attacker intercepts communication between two parties and impersonates one of them.
- Improved security: mTLS encrypts all data transmitted over the connection, protecting it from eavesdropping and tampering.
- Reduced complexity: mTLS can simplify security architecture by eliminating the need for separate authentication mechanisms.
Key Considerations for Implementing mTLS:
Here are some key considerations for implementing mTLS:
-
Certificate Management: Proper management of digital certificates is crucial to ensure the security and validity of mTLS sessions.
-
Complexity: Implementing mTLS can be more complex than traditional TLS, requiring careful configuration and management.
-
Compatibility: Ensure that both the client and server applications support mTLS and can exchange certificates correctly.
BastionXP CA is a digital certificate manager that can manage digital certificates at scale. It handles all the complexities involved in implementing mTLS and simplifies enduser workflow.
Use cases for mTLS
mTLS is used in a variety of applications, including:
1. HTTPS Web Service Security
mTLS can be used in the context of HTTPS server and HTTPS client communications to provide mutual authentication and encryption.
In a typical HTTPS connection, only the server is authenticated to the client using a TLS certificate. This is sufficient for many applications, such as browsing a website. However, in some cases, it is also desirable to authenticate the client to the server. This can be done using mTLS.
To implement mTLS for HTTPS server and client communications, both the server and client must have a TLS certificate. The server’s certificate must be signed by a trusted certificate authority (CA), and the client’s certificate must be signed by the same CA or by a CA that is trusted by the server.
When the client connects to the server, it sends its TLS certificate to the server. The server verifies the client’s certificate and, if valid, authenticates the client. The server then sends its own TLS certificate to the client. The client verifies the server’s certificate and, if valid, authenticates the server.
Once both the client and server have been authenticated, they can establish a secure HTTPS connection. All data transmitted over the connection will be encrypted using TLS.
Examples: Nginx, Apache web servers, or any web service applications written in Golang, Java, Python support mTLS authentication.
2. Database Security
In a typical database connection, only the database server authenticates to the client using a TLS certificate. This is sufficient for many applications, such as a web application connecting to a database to retrieve data. However, in some cases, it is also desirable to authenticate the client to the database server. This can be done using mTLS.
To implement mTLS for database server and client communications, both the database server and client must have a TLS certificate. The database server’s certificate must be signed by a trusted certificate authority (CA), and the client’s certificate must be signed by the same CA or by a CA that is trusted by the database server.
When the client connects to the database server, it sends its TLS certificate to the database server. The database server verifies the client’s certificate and, if valid, authenticates the client. The database server then sends its own TLS certificate to the client. The client verifies the database server’s certificate and, if valid, authenticates the database server.
Once both the client and database server have been authenticated, they can establish a secure database connection. All data transmitted over the connection will be encrypted using TLS.
Here are some specific examples of how mTLS can be used for database server and client communications:
- A company could use mTLS to protect access to its production database. This would help to prevent unauthorized users from accessing the database and stealing data.
- A healthcare provider could use mTLS to protect access to its patient database. This would help to prevent unauthorized users from accessing patient records.
- A financial services company could use mTLS to protect access to its customer database. This would help to prevent unauthorized users from accessing customer accounts and stealing money.
Examples: MySQL DB, Postgresql DB, and MongoDB support mTLS authentication.
3. API security
To use mTLS for API security, the API provider would need to generate a TLS certificate for the API. The API provider would then need to configure the API to require clients to authenticate using mTLS.
Clients would need to obtain a TLS certificate from a trusted CA. The client would then need to configure the client to authenticate to the API using mTLS.
When a client wants to access the API, it would send its TLS certificate to the API. The API would verify the client’s certificate to ensure that it is signed by a trusted CA and that it belongs to the client.
If the client’s certificate is valid, the API would allow the client to access the API. Otherwise, the API would deny the client access.
4. Microservices architecture
To use mTLS in a microservices architecture, each microservice would need to generate a TLS certificate. Each microservice would also need to be configured to require other microservices to authenticate using mTLS.
When a microservice wants to communicate with another microservice, it would send its TLS certificate to the other microservice. The other microservice would verify the certificate to ensure that it is signed by a trusted CA and that it belongs to the sending microservice.
If the certificate is valid, the other microservice would allow the sending microservice to communicate with it. Otherwise, the other microservice would deny the sending microservice access.
5. IoT security
To use mTLS for IoT security, the IoT device would need to generate a TLS certificate. The IoT device would also need to be configured to authenticate to the server using mTLS.
When the IoT device wants to communicate with the server, it would send its TLS certificate to the server. The server would verify the certificate to ensure that it is signed by a trusted CA and that it belongs to the IoT device.
If the certificate is valid, the server would allow the IoT device to communicate with it. Otherwise, the server would deny the IoT device access.
6. Zero Trust security
To use mTLS for Zero Trust security, all users, devices, and network traffic would need to be configured to authenticate using mTLS.
When a user, device, or network traffic wants to access a resource, it would send its TLS certificate to the resource. The resource would verify the certificate to ensure that it is signed by a trusted CA and that it belongs to the user, device, or network traffic.
If the certificate is valid, the resource would allow the user, device, or network traffic to access it. Otherwise, the resource would deny access.
7. Service Mesh
A service mesh is a network infrastructure layer that provides a number of features for microservices, including mTLS. Service meshes can be used to deploy and manage microservices in a secure and reliable way. Eg: Istio, Linkerd, AWS App Mesh
Service meshes work by intercepting all traffic between microservices. This allows the service mesh to provide a number of features, such as:
- Load balancing: The service mesh can distribute traffic between microservices in a balanced way. This helps to improve performance and reliability.
- Service discovery: The service mesh can help microservices to discover each other. This makes it easier for microservices to communicate with each other.
- Fault tolerance: The service mesh can help to make microservices more fault-tolerant. This helps to ensure that microservices remain available even if some of them fail.
- Security: The service mesh can help to secure communication between microservices. This can be done using a variety of mechanisms, such as mTLS.
mTLS plays an important role in service meshes by providing a secure way to authenticate and authorize microservices. mTLS ensures that only authorized microservices can communicate with each other. This helps to prevent unauthorized access to microservices and data.
Here is an example of how mTLS is used in a service mesh:
- A microservice wants to communicate with another microservice.
- The microservice sends its TLS certificate to the other microservice.
- The other microservice verifies the certificate to ensure that it is signed by a trusted CA and that it belongs to the sending microservice.
- If the certificate is valid, the other microservice allows the sending microservice to communicate with it.
- The microservices communicate with each other using TLS encryption.
This process ensures that only authorized microservices can communicate with each other and that the communication is encrypted.
Service meshes and mTLS can be used to improve the security and reliability of microservices architectures. If you are using microservices, it is recommend using a service mesh to deploy and manage your microservices. You should also use mTLS to secure communication between your microservices.
How to implement mTLS
To implement mTLS, both the client and server must have a TLS certificate. The certificate contains the public key of the owner and is signed by a trusted certificate authority (CA), for example BastionXP CA.
To establish an mTLS connection, the client and server first exchange their certificates. The client then verifies the server’s certificate to ensure that it is signed by a trusted CA and that it belongs to the server.
The server then verifies the client’s certificate to ensure that it is signed by a trusted CA and that it belongs to the client.
Once the client and server have verified each other’s certificates, they can establish a secure connection using TLS. All data transmitted over the connection will be encrypted and protected from eavesdropping and tampering.
Open Source Tools to implement mTLS
There are a number of different open source and open standards based tools available today to implement mTLS in production. Here are some of the open source tools and technologies that generates TLS certificates for use with mTLS:
- OpenSSL: OpenSSL is a free and open-source toolkit for cryptography. OpenSSL can be used to generate and manage TLS certificates manually.
- Let’s Encrypt: Let’s Encrypt is a public certificate authority that provides limited free TLS certificates to public servers and devices.
- BastionXP PKI/CA: BastionXP PKI/CA is an enterprise-grade free and open standards based private certificate authority that provides unlimited free TLS certificates to servers and clients after a successful 2FA based authentication using OIDC SSO based 2FA login. Also, it automates certificate rotation before well before the certificates expire, reducing the manual work involved and bolstering security.
Which tools and technologies you use to implement mTLS will depend on your specific needs.
Real World mTLS Examples
Here are some specific examples of how mTLS is being used in the real world:
- Google Cloud Platform (GCP) uses mTLS to secure communication between its various services.
- Netflix uses mTLS to secure communication between its microservices in its IT datacenters.
- Amazon Web Services (AWS) uses mTLS to secure communication between its various services and with its customers’ devices.
- Tesla uses mTLS to secure communication between its cars and its servers.
- The US Department of Defense is using mTLS to secure communication between its systems and with its contractors’ systems.
- SocketXP IoT Platform uses mTLS tunnels to secure communication between its cloud gateway, IoT devices and end user applications.
How SSL certificates implement mTLS
SSL certificates implement mTLS by providing a method for the client and server to exchange their public keys. The public key is contained in the subjectPublicKeyInfo
field of the certificate.
SSL certificates implement the public key cryptography which provides a very high level of security.
Important fields in the certificate
The following fields in the certificate are important for mTLS:
- Subject: This field contains the identity of the certificate owner. For example, the
common name
orCN
filed could be set to the server’s IP address, domain name, or the user’s ID, name or email adddress. - Subject Alternative Name (SAN): This field can contain additional identities for the certificate owner.
- Issuer: This field contains the identity of the CA that signed the certificate.
- SubjectPublicKeyInfo: This field contains the public key of the certificate owner.
How the server and client identities are verified
To verify the server and client identities in mTLS, the following steps are typically taken:
- The client sends its certificate to the server.
- The server verifies the client’s certificate by checking the following:
- The certificate is signed by a trusted CA.
- The certificate is valid (i.e., it has not expired and has not been revoked).
- The certificate belongs to the client (i.e., the subject of the certificate matches the identity of the client).
- The server sends its certificate to the client.
- The client verifies the server’s certificate by checking the following:
- The certificate is signed by a trusted CA.
- The certificate is valid (i.e., it has not expired and has not been revoked).
- The certificate belongs to the server (i.e., the subject of the certificate matches the identity of the server).
In addition to the above steps, the following important fields in the certificates can be used to verify server and client identities:
- Subject: The subject field contains the identity of the certificate owner. This field can be used to verify that the client or server is who they claim to be.
- Subject Alternative Name (SAN): The SAN field can contain additional identities for the certificate owner. This field can be used to verify that the client or server is authorized to access the requested resource.
- Issuer: The issuer field contains the identity of the CA that signed the certificate. This field can be used to verify that the certificate is signed by a trusted CA.
- SubjectPublicKeyInfo: The subjectPublicKeyInfo field contains the public key of the certificate owner. This field can be used to verify the signature on the certificate.
For example, the client could verify the server’s identity by checking that the server’s certificate is signed by a trusted CA and that the subject of the certificate matches the hostname of the server that the client is trying to connect to.
The server could verify the client’s identity by checking that the client’s certificate is signed by a trusted CA and that the subject of the certificate matches the identity of the client that is trying to connect.
Here is a Sample Server Certificate with Server Identity issued by BastionXP CA:
$ openssl x509 -in ~/.bsh/tls_server.crt -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 8b:a6:d8:6f:1c:d0:a4:d9:fa:f4:9c:4c:14:41:1f:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN = bastionxp-ca.example.com Validity Not Before: Sep 11 06:14:29 2023 GMT Not After : Aug 31 06:14:29 2025 GMT Subject: CN = mysql.example.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:db:b9:a4:72:1d:c0:86:52:0a:c1:80:a7:a8:0a: 06:2d:62:d4:94:4d:82:bb:0d:99:d9:b9:14:06:ee: d2:22:51:45:fe:dc:9b ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:mysql.example.com Signature Algorithm: sha256WithRSAEncryption Signature Value: 4a:30:7b:01:65:e0:5f:06:e2:f0:12:2e:46:c6:13:92:c9:be: a2:e9:dd:45:1d:e3:62:f4:61:90:f6:81:8a:ba:79:30:02:12: 37:15:d5:a1:7e:d5:a5:07:6a:2a ...
Here is a Sample Client Certificate with Client Identity issued by BastionXP CA:
$ openssl x509 -in ~/.bsh/tls_client.crt -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 2d:11:ed:0e:e3:47:05:9a:14:05:5a:26:6b:7b:80:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN = bastionxp-ca.example.com Validity Not Before: Sep 11 06:13:08 2023 GMT Not After : Sep 11 14:13:08 2023 GMT Subject: CN = [email protected] Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:e7:d5:cd:79:ba:52:d4:87:9a:0d:8e:30:f4:b2: 3d:6d:8e:1d:d9:91:8c:30:ef:94:b8:da:87:2d:f2: 96:59:34:c4:c4:ac:63 ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Client Authentication X509v3 Authority Key Identifier: 78:2A:6C:A0:64:AA:59:42:2B:FA:11:25:66:3A:BE:5F:27:EA:6E:17 X509v3 Subject Alternative Name: email:[email protected] Signature Algorithm: sha256WithRSAEncryption Signature Value: b1:08:8f:90:7f:06:64:89:83:02:49:d0:14:35:45:cb:09:e0: b7:61:c8:fd:bc:4f:54:6f:1b:1a:d6:4c:a9:ec:d7:56:26:6e: 0f:c6:0d:cc:2c:39:77:78:1d ...
The above certificates contains the server identity and user/client identity in the Subject
field and Subject Alternative Name
fields.
Note: BastionXP CA issues short-lived SSL TLS X.509 client certificates [valid for 8 hours only] by default to the end users or clients. Users must renew their client certificates after the expiry period. BastionXP CA provides granular control over who can access what resource and for how long.
By verifying the server and client identities, mTLS helps to prevent man-in-the-middle
(MITM) attacks and other security threats.
BastionXP CA automates Role Based Access Control(RBAC) by generating server and client SSL certificates with built-in server and user identities based on custom role definitions.
Limitations of mTLS
mTLS has a few limitations, including:
- Increased complexity: mTLS is slightly more complex to implement and configure than traditional TLS because now we need to get and use a client certificate in addition to getting the server certificate. mTLS requires two-way authentication, while the traditional TLS requires just one-way authentication.
- Performance overhead: mTLS can add a small performance overhead to connections, given the extra authentication and validation it needs to perform on the identities of the endpoints involved. But mTLS improves the endpoint security several fold and therefore the performance overhead is worth it.
- Compatibility: Not all clients and servers support mTLS. Some legacy applications do not support mTLS. But, all modern development tools and modern softwares support mTLS today.
mTLS best practices for security:
Here are some mTLS best practices that should be followed for better security:
- Use a trusted CA such as BastionXP CA to sign your certificates.
- Keep your certificates up to date and rotate them frequently.
- Use strong and latest encryption algorithms.
- Configure your clients and servers to verify certificates and identities properly.
- Monitor your server logs for suspicious activity.
Conclusion
mTLS is a powerful security protocol that can be used to protect a variety of applications. It is becoming increasingly popular as organizations look to improve the security of their systems and data.
mTLS offers a number of benefits, including:
- Mutual authentication: mTLS ensures that both the client and server are who they claim to be. This prevents man-in-the-middle attacks, where an attacker intercepts communication between two parties and impersonates one of them.
- Improved security: mTLS encrypts all data transmitted over the connection, protecting it from eavesdropping and tampering.
- Reduced complexity: mTLS can simplify security architecture by eliminating the need for separate authentication mechanisms.
mTLS is used in a variety of applications, including: Web Services security, Databases security, API security, Microservices architecture, Service Mesh, IoT Security, Zero Trust Security.
If you are looking for a way to improve the security of your application, mTLS is a good option to consider.
BastionXP CA automates certificate generation, distribution and rotation at scale, thereby eleminating the manual work and reducing the complexity involved, without compromising the security.