Mutual TLS

hello. i’ve read a few posts on here about others trying to do mutual tls and it came down to removing the handlers from the config file. i understand that piece of it and the fact that the ssl connection will be sent to my node app for it to handle the request.

at this point i need to create the https server in node but it requires ssl certs. can i use ones generated in the dashboard here? do I need to generate the certs myself manually?

The certs Fly generate are only available to Fly’s own edge nodes and not the app instances (VMs) themselves. And so, you’d have to generate your own certs, and use them as approp for mTLS.

Btw, Fly engs built a “tailscale-router” that you might want to consider as an alternative, if that’s an option.

ok. so would an option be just to generate the certs myself and use nginx as a reverse proxy to terminate tls? or is there a way to have fly to validate a client certificate?