Zero Trust for SaaS: Deploying mTLS on custom hostnames
Cloudflare has introduced mutual TLS (mTLS) authentication support for its Access product, allowing SaaS providers to add an extra layer of security to their customers' domains. This feature is particularly useful for high-security services such as payment processors, where only authorized devices should be able to make requests. By using mTLS, SaaS providers can configure a Root CA for each customer and issue client certificates that will be installed on authorized devices. This ensures that requests bound for the API endpoint only come from valid devices and prevents unauthorized access. The feature is currently in Beta and available for Enterprise customers to use.
Company
Cloudflare
Date published
March 22, 2022
Author(s)
Dina Kozlov
Word count
1110
Language
English
Hacker News points
None found.