Introducing TLS with Client Authentication

Cloudflare now offers TLS with client authentication to enterprise customers, adding an extra layer of security by authenticating the client connecting to a server. This feature is particularly useful in scenarios involving IoT devices or mobile apps with millions of installs exchanging secure information. Unlike API keys, client certificates offer enhanced security as their private key is used to create a digital signature in every TLS connection, preventing new requests from being instantiated if the certificate is compromised mid-connection. Cloudflare's edge can be utilized for offloading the CPU-intensive verification process of TLS Client Authentication. The company plans to add support for this feature across all its plans within a year.