This post was originally published on this site
mTLS stands for mutual Transport Layer Security. It is a security protocol that provides encrypted communication between client and server, ensuring that the data transmitted over the network cannot be intercepted, read or modified by any unauthorized entity.
Unlike traditional SSL/TLS, which only authenticates the server to the client, mTLS authenticates both the server and the client to each other, thereby providing mutual authentication. This is achieved by using digital certificates to verify the identities of both the client and server.
In mTLS, the client presents its own digital certificate to the server during the SSL/TLS handshake process, and the server verifies the certificate to authenticate the client. Similarly, the server presents its own certificate to the client, which is then verified by the client.
By using mTLS, organizations can add an additional layer of security to their network communication, helping to prevent attacks such as man-in-the-middle (MITM) attacks and unauthorized access to resources.
When configuring the extension applications’ connectivity to SAP SuccessFactors, use these procedures to enable mTLS.
X509 Certificate Generation in SAP BTP. Creating HTTP Destination using Client Certificate Authentication. In SAP SuccessFactors, create an X509 Certificate mapping. POSTMAN API call for testing mTLS