Some services are public and should be accessible to everyone. Some services are private and should only be accessible by a select group of clients.

This guide walks through steps to secure a Node based web service with Client Authenticated TLS using CATKeys, so that only authorised clients can access a private web service.

Client Authenticated TLS

Client Authenticated TLS’ is a version of the TLS handshake that provides mutual authentication (also known as 2-way authentication) between clients and servers using client certificates.

Mutual authentication means that a client will only connect to a valid server (as is the case with normal TLS)…

Pommy Mac

Into web dev n stuff

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store