Openshift 4 Mutual Authentication

Hello, I need to expose an https service with mutual authentication with a client. I saw that it is possible to configure the router with mutual tls authentication in OCP v3.11 but there isn't any reference to how to do that in ocp v4.x. Is it possible to configure a route with mutual tls authentication in OCP v4.x?

Labels (1)
0 Kudos
1 Reply
Mission Specialist
Mission Specialist


Per DO280, you need to use a pass-through route to support mutual authentication between your application and the client.

To allow the application to use certificate/key, you need to create a secret of type tls. With the secret of type tls, you can pass the location of certificate and key pair. Then, you can create a volume of type secret within a pod and volumeMount it; so you application container can see the certificate and key pair.

I saw your post a few days ago but I wait for a more qualified expert to help so I can learn from that as well. 

I think this area is evolving and you should find this blog post very useful.

If you have a better solution, please kindly share. So I can learn from you as well.


0 Kudos
Join the discussion
You must log in to join this conversation.