Open
Description
There will be a large number of paths in the gateway, and I hope to perform mTLS authentication on the specified path to protect this path. This needs to be supported by mTLS at the route level, and mTLS mutual authentication can be performed on the specified route.
Assuming there are two routes:
/protect/*: HTTPS and mTLS
/public/*: HTTPS
In fact, since the mTLS of APISIX cannot work on the route, when accessing different routes with the same SNI, you cannot authenticate the mTLS and TLS at the same time. /public/* still uses the mTLS.
Example
# URL: /protect/post
# Expect: HTTPS + mTLS
# Actual: HTTPS + mTLS
curl --resolve 'httpbin.com:9443:127.0.0.1' https://gateway/protect/post -k --cert ./client.pem --key ./client.key
# URL: /public/get
# Expect: HTTPS
# Actual: HTTPS + mTLS
curl --resolve 'httpbin.com:9443:127.0.0.1' https://gateway/public/get -k
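
For reference, the general technique behind a route-level mTLS requirement, shown in plain nginx (the server APISIX builds on). This is an added example, not from the issue author or the APISIX project, and it is not APISIX configuration; the certificate paths and the upstream address are assumed placeholders.

```nginx
# Added illustration in plain nginx, not APISIX configuration.
# Certificate paths and the upstream address are placeholders (assumptions).
server {
    listen 9443 ssl;
    server_name gateway;

    ssl_certificate     /etc/nginx/tls/server.pem;
    ssl_certificate_key /etc/nginx/tls/server.key;

    # CA used to validate client certificates.
    ssl_client_certificate /etc/nginx/tls/client-ca.pem;

    # The TLS handshake completes before the request path is known, so the
    # handshake can only request a client certificate here, not require one.
    ssl_verify_client optional;

    # /protect/*: HTTPS + mTLS. Reject the request unless a client
    # certificate was presented and validated against the CA above.
    location /protect/ {
        if ($ssl_client_verify != SUCCESS) {
            return 403;
        }
        proxy_pass http://127.0.0.1:8080;
    }

    # /public/*: HTTPS only. No client certificate check.
    location /public/ {
        proxy_pass http://127.0.0.1:8080;
    }
}
```

When no client certificate is sent, `$ssl_client_verify` is `NONE`, so the `/protect/` check fails closed while `/public/` is served over plain HTTPS.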