1

Is it possible to limit access to 1 or a number of predefined client certificates (app running in Mendix Cloud v4)? Perhaps via custom settings or otherwise? 'Access restriction profiles' only work at the level of root CA or intermediates, so any certificate issued by them would be accepted. ("In addition, you can restrict incoming traffic by requiring client certificates signed by a certificate authority of your choice." - https://docs.mendix.com/developerportal/deploy/certificates) ("It should not contain client certificates." - https://docs.mendix.com/developerportal/deploy/access-restrictions)   It is possible to limit to certificates issued by a selected intermediate in an access restriction profile, but this still does not limit it to 1/n predefined certificates. One workaround I found is to use selfsigned certificates to bypass the need for a root issuer. I'm wondering if there are any others :) Thx!

asked 2022-03-24

0 answers