ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

MTLS-SPEC-DETAIL

Reciprocal client/server certificate auth.

Definition

mTLS relies on TLS 1.2+ Client Certificate Request (RFC 5246 §7.4.4). Client sends Certificate message after ServerHelloDone. Authentication pivot in AS2 (RFC 4130), Istio Service Mesh (Citadel), MQTT IoT, OAuth FAPI (RFC 8705 tls_client_auth). Implemented in nginx, HAProxy, Envoy.

Origin

TLS Client Certificate Authentication formalised in TLS 1.0 (RFC 2246, 1999).

Example in context

An AS2 partner receives X.509 client certificate from counterparty — mTLS handshake before signed MIME exchange.

  • mTLS — parent concept.

Last updated: May 16, 2026