Airlock as a Service Knowledge Base
API Reference Service Status Airlock Console
airlock.com

TLS settings

By default, regular TLS is used to secure the connection between the server and the client. We strongly recommend using mutual TLS (mTLS) for added security. This can be configured independently for

  • Loginapp

  • Adminapp

  • Transaction approval

Accessing the tenant TLS settings

  1. In the Airlock Console, go to:
    Configuration >> TLS settings

  2. Select the TLS (Loginapp) tab, the TLS (Adminapp) tab or the TLS (Transaction approval) tab, to modify the respective TLS settings.

  3. By default, the option Regular TLS is enabled. For enhanced security, select Mutual TLS and configure according to How to: Configure mTLS integration.

  4. Click Save.

Notice
TLS settings will be applied immediately. No further config activation is required.

Notice
When mTLS is configured, certain links in the Airlock Console to the tenant IAM Adminapp and Loginapp may stop working depending on your gateway configuration and network setup.


Difference between TLS and mTLS explained

The following chapters show the difference between TLS and mTLS for an end user accessing the tenant IAM Loginapp.

TLS overview

In the TLS case, an end-user accesses the Airlock SaaS Tenant IAM directly from the internet:

mTLS overview

In the mTLS case, an end user cannot access an Airlock SaaS Tenant IAM directly from the internet, but is routed through the customer's internal gateway, which securely connects to the Airlock SaaS Tenant IAM.

Notice
When mTLS is configured, certain links in the Airlock Console to the tenant IAM Adminapp and Loginapp may stop working depending on your gateway configuration and network setup.