Does the SSL Visibility Appliance support decrypting mTLS?
search cancel

Does the SSL Visibility Appliance support decrypting mTLS?


Article ID: 227487


Updated On:


SSL Visibility Appliance Software


mTLS or mutual authentication is a method of verifying that the parties at each end of a network connection are who they claim to be by verifying they both have the correct private key.  The information within their respective TLS certificates provides additional verification.  

mTLS is often used in a Zero Trust security framework to verify users, devices, and servers within an organization. It can also help keep APIs secure.

The SSL Visibility appliances do not decrypt or participate in Mutual TLS authentication.


In mTLS both the client and server have a certificate, and both sides authenticate using their public/private key pair.  The SSLV does not support client certificates.  The SSL Visibility appliances only decrypt TLS traffic between a client and a server when the client makes a request and the server has a certificate.


In order to pass mTLS traffic through the appliance, a cut-through rule would need to be added to the policy based either upon the source IP address or the destination IP address.