Articles

Mutual TLS mTLS Setup: Client and Server Certificates (2026)

April 6, 2026 4 min read

Mutual TLS (mTLS) is often framed as a security enhancement, but its primary operational benefit is enforcing strict identity verification for both parties in a connection, preventing anonymous access and simplifying authorization.

Let’s see mTLS in action. Imagine a simple Go HTTP server that requires a client certificate.

package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func helloHandler(w http.ResponseWriter, r *http.Request) {
	// The client certificate is available in r.TLS.PeerCertificates[0]
	clientCN := "unknown"
	if len(r.TLS.PeerCertificates) > 0 {
		clientCN = r.TLS.PeerCertificates[0].Subject.CommonName
	}
	fmt.Fprintf(w, "Hello, %s! You are authenticated.", clientCN)
}

func main() {
	// Load the server's certificate and private key
	cert, err := tls.LoadX509KeyPair("server.crt", "server.key")
	if err != nil {
		log.Fatal("Failed to load server key pair: ", err)
	}

	// Load the CA certificate that signed the client certificates
	caCert, err := ioutil.ReadFile("ca.crt")
	if err != nil {
		log.Fatal("Failed to read CA certificate: ", err)
	}
	caCertPool := x509.NewCertPool()
	caCertPool.AppendCertsFromPEM(caCert)

	// Configure the TLS server
	tlsConfig := &tls.Config{
		Certificates: []tls.Certificate{cert},
		ClientCAs:    caCertPool, // Trust these CAs for client certificates
		ClientAuth:   tls.RequireAndVerifyClientCert, // Require and verify client certs
	}

	// Create an HTTP server with the TLS configuration
	server := &http.Server{
		Addr:      ":8443",
		Handler:   http.HandlerFunc(helloHandler),
		TLSConfig: tlsConfig,
	}

	fmt.Println("Server listening on :8443 with mTLS enabled...")
	// Start the server with TLS
	err = server.ListenAndServeTLS("", "") // Certificate/key are in tlsConfig
	if err != nil {
		log.Fatal("Server failed to start: ", err)
	}
}

To connect to this server, a client would need its own certificate signed by the same ca.crt used by the server, and then use curl like this:

curl --cacert ca.crt --cert client.crt --key client.key https://localhost:8443

The server, upon receiving this request, performs several checks:

  1. Is the client presenting any certificate? (ClientAuth: tls.RequireAndVerifyClientCert enforces this).
  2. Is the client certificate signed by a CA that the server trusts? (Checked against ClientCAs).
  3. Is the client certificate valid (not expired, not revoked)? (Basic validation).
  4. Does the certificate subject match any authorization rules? (This is where you’d typically implement your access control logic, e.g., checking r.TLS.PeerCertificates[0].Subject.CommonName).

This setup moves authentication from "who is connecting?" (like a password) to "who are you?" based on cryptographically verifiable identity. The server doesn’t just trust the client; it knows who the client claims to be via its certificate.

The core problem mTLS solves is the inherent insecurity of anonymous network connections. Without mTLS, any entity on the network can attempt to connect to your server. You might then rely on IP-based access control or application-level credentials, but these are often weaker. IP addresses can be spoofed or change, and application credentials can be compromised through phishing or other means. mTLS establishes a cryptographic identity at the transport layer. The server’s tls.Config is where the magic happens: Certificates holds the server’s own identity, ClientCAs defines the "trusted issuers" for clients, and ClientAuth: tls.RequireAndVerifyClientCert dictates that a client must present a certificate and that it must be verifiable against the ClientCAs.

When a client connects, its TLS stack presents its certificate. The server’s TLS stack then initiates a handshake process. It sends its CA list to the client, requesting a certificate signed by one of them. If the client has such a certificate and is willing to present it, it sends its certificate and its private key is used to sign a piece of data exchanged during the handshake, proving possession of the private key. The server then uses the ClientCAs to verify the signature on the client’s certificate and the signature on the handshake data. If all checks pass, the TLS connection is established, and the server now has a verifiable identity for the client, available in r.TLS.PeerCertificates.

A common point of confusion is the role of the certificates. The server needs its own certificate (server.crt, server.key) to prove its identity to the client. The server also needs a CA certificate (ca.crt) that it trusts to have signed the client’s certificates. The client, in turn, needs its own certificate (client.crt, client.key) and potentially the CA certificate (ca.crt) to verify the server’s identity if the server presents one. The ca.crt acts as the bridge of trust.

The most surprising operational detail is how certificates are used for authorization. While TLS’s primary role is authentication, the verified identity (often the Subject.CommonName or Subject.Organization) from the client certificate becomes a powerful, immutable attribute for making fine-grained authorization decisions within your application. You’re not just verifying a connection; you’re verifying who is connecting, and that "who" can then be used like a user ID for access control.

The next hurdle after getting mTLS working is often managing the lifecycle of these certificates, especially in large deployments.

More Deep Dives in Tls Ssl

Want structured learning?

Take the full Tls-ssl course →