Certificates

“Which certificates do I need to give to the client?” That was the question I couldn’t answer confidently the first time I configured mTLS in MuleSoft. I understood the handshake at a high level — both sides prove who they are. What I didn’t understand was the practical side: who holds what, and where in the platform does each piece actually live? If you’ve been there, this post is for you. ...

When building secure APIs, TLS (Transport Layer Security) is a must. But not all TLS setups are created equal. If you’ve ever wondered what exactly two-way TLS is — or when to use it — you’re in the right place. Let’s break it down in a simple way. 🔐 One-Way TLS (Standard TLS) We all use it every day. Every time you log in to your bank account or shop online, you’re using one-way TLS. Your browser verifies the identity of the server via a certificate, usually signed by a trusted Certificate Authority (CA). ...