
CKS mTLS

CKS exam topic: mTLS — concepts, configuration, and practice exercises.

mTLS - Mutual TLS

Mutual TLS (mTLS) extends standard TLS by requiring both the client and server to present certificates during the handshake. This is a key concept for the CKS exam, especially in the context of service mesh architectures like Istio, where mTLS is used to encrypt and authenticate all pod-to-pod communication within a Kubernetes cluster.

  • mutual authentication
  • two-way (bilateral) authentication
  • two parties authenticating each other at the same time

The following diagrams illustrate how mTLS works and how it differs from standard one-way TLS.

[Diagrams: how mTLS works compared with standard one-way TLS]

This post is licensed under CC BY 4.0 by the author.