Interface: MTLSConfig

Defined in: src/types/interfaces/zero-trust.interface.ts:412

mTLS configuration.

Properties

certificate

readonly certificate: string

Defined in: src/types/interfaces/zero-trust.interface.ts:450

Server certificate (PEM encoded).

---

certificateChain?

readonly optional certificateChain: readonly string[]

Defined in: src/types/interfaces/zero-trust.interface.ts:460

Certificate chain (PEM encoded).

---

cipherSuites?

readonly optional cipherSuites: readonly string[]

Defined in: src/types/interfaces/zero-trust.interface.ts:427

Allowed cipher suites.

Remarks

Should use AEAD ciphers only.

---

clientCAs?

readonly optional clientCAs: readonly string[]

Defined in: src/types/interfaces/zero-trust.interface.ts:445

CA certificates for client verification (PEM encoded).

---

minVersion

readonly minVersion: "TLSv1.2" | "TLSv1.3"

Defined in: src/types/interfaces/zero-trust.interface.ts:419

TLS protocol version.

Remarks

Should be 1.3 for Zero Trust.

---

privateKey

readonly privateKey: string

Defined in: src/types/interfaces/zero-trust.interface.ts:455

Server private key (PEM encoded).

---

requireClientCert

readonly requireClientCert: boolean

Defined in: src/types/interfaces/zero-trust.interface.ts:435

Whether to require client certificates.

Remarks

True for mTLS, false for server TLS only.

---

verifyClient

readonly verifyClient: boolean

Defined in: src/types/interfaces/zero-trust.interface.ts:440

Whether to verify client certificate.