Mendix acting as (Intermediate) Certificate Authority (CA) - Mendix Forum

Mendix acting as (Intermediate) Certificate Authority (CA)


This feature request proposes Mx to acts as (Intermediate) Certificate Authority (CA), as follows:

Customer uses Mx portal to generate PKI Key Pair and associated public certificate. Customer will download PKI Key Pair and Certificate and load these in the customer client system. Mx will include Mx specific attributes in the certificate that allows Mx to authenticate and authorize the incoming connection. Attributes like Tenant Id and User Id allows Mx to connect the user to the right tenant in Mx’s multi-tenant platform.


2 answers

Hi Johan –

Use case  : we use for our service-2-service connections, 2-Way SSL to establish client and server authentication

Current situation:
Tennant info provided in URL
2-Way SSL certificate - with intermediate certificate of customer. CA Root Authority 3rd Party , contracted by customer.
2-Way SSL Certificate with intermediate certificate from Mendix. CA Root Authority 3rd Party contracted by Mendix
Tennant info is attribute added to certificate

Advantage is 100% automation of deployment of software to Mx cloud; better quality , faster deployment, ease of user, CI/CD funnel automated
Software in test and production is the same
Adding tennant info as attribute certificate is part of automated deployment process



Could you elaborate on a use case?