Mutual TLS Support

Evervault Relay communicates directly with your API over Transport Layer Security (TLS). Your API may be configured to require client-side TLS authentication. This is known as Mutual TLS (or mTLS).

We just released a new feature that allows you to upload an mTLS certificate to authenticate the connection between Relay and your API.

We also allow you to upload password-protected certificates for added security.

Enabling mTLS between Relay and your API means that you can block any requests that are not routed through Evervault, preventing you from accidentally collecting plaintext sensitive data as well as giving you the ability to reject clients that are not protected by Relay's network-level security capabilities.

You can access the feature by navigating to RelayConfigurationMutual TLS Certificates in the Evervault Dashboard.