Skip to content

Latest commit

 

History

History
34 lines (21 loc) · 1.58 KB

_index.md

File metadata and controls

34 lines (21 loc) · 1.58 KB
Raw
pcx_content_type title weight meta
concept
Client certificates
6
description
Use Cloudflare public key infrastructure (PKI) to create client certificates and enforce mutual Transport Layer Security (mTLS) encryption.

Client certificates

Use Cloudflare public key infrastructure (PKI) to create client certificates. Use these certificates with Cloudflare API Shield or Cloudflare Workers to enforce mutual Transport Layer Security (mTLS) encryption.

{{}}

API Shield

To use API Shield to protect your API or web application, you must do the following:

  1. Use Cloudflare’s fully hosted public key infrastructure (PKI) to create a client certificate.

  2. Configure your mobile app or IoT device to use your Cloudflare-issued client certificate.

  3. Enable mTLS for the hosts you wish to protect with API Shield.

  4. Create WAF custom rules that require API requests to present a valid client certificate.

{{}}

Workers

To authenticate Workers requests using mTLS:

  1. Use Cloudflare’s fully hosted public key infrastructure (PKI) to create a client certificate.
  2. Create and use an mTLS binding to authenticate Workers connections.