Does fastly support client side certificates?
If you’re asking whether Fastly can host Customer Certificates then the answer is yes. There is a charge for this service but its probably best to log a ticket with email@example.com to get things going. They are likely to put you in touch with a Sales Rep who can reach out to you and take things from there. Hope that helps!
I just had a word internally and it would seem that I may have spoke out of turn on this one. Turns out we do not support Client Side Certificate Authentication after all.
We do not support client certs on the browser side (i.e. we cannot authenticate a browser based on the client certificate it provides to us in the handshake.) However, we do support them on the origin side, meaning you can configure a client cert & key for Fastly to use when connecting to the origin.
Can I ask what your use case is?
Similar to the client cert on browser side use case. Would like to authenticate client cert on a server-to-server integration (i.e. external server to fastly). So sounds like the answer is “not supported”, but please let me know if I’m missing something.
We do support Client Certificates from Fastly to Origin. That’s under TLS Options on the backend config.
Over 2 years later, I’m wondering whether this is still the case, or whether its under consideration? It’s very useful for scenarios where fastly sits between others services and one’s backend.