Certificate authentication of Rest service endpoint in private cloud

0
I need to set up TLS certificate authentication for a REST endpoint in Mendix private cloud deployment. How should I implement this?I've found that TLS certificate authentication works straightforwardly in Mendix public cloud. However, I haven't located comparable guidance for private cloud. I've checked Studio Pro and the consumed service configuration but don't see options to enforce certificate validation at the application level. This suggests the solution likely requires infrastructure-level configuration rather than in-app settings.Has anyone implemented TLS certificate authentication for REST endpoints in Mendix private cloud? I'd appreciate details on your approach, including whether this was handled at the infrastructure level and what tools or configurations you used.
asked
1 answers
0

In Mendix Private Cloud, this is usually handled at the infrastructure level, not in Studio Pro.


For an incoming REST endpoint, Mendix does not provide an app-level setting to enforce client certificate authentication on the published service itself. The common approach is to configure mTLS on the Ingress / reverse proxy / load balancer in front of the app. Mendix Private Cloud supports exposure through options like Kubernetes Ingress, OpenShift Route, or Service Only, and Service Only gives the most control if you want to manage security yourself.


So yes, your assumption is correct: in Private Cloud, TLS certificate authentication for REST endpoints is generally implemented outside Mendix, at the platform/network layer. If you share which ingress you use, the exact setup can be more specific.

answered