• danA
    8 hours ago

    I haven’t watched the video yet, but it’s generally not worth the hassle of setting up mutual TLS if you’re already using a peer-to-peer VPN like Tailscale, as the VPN software is already doing mutual authentication.

    Edit: A peer-to-peer VPN (or mesh VPN) is one where two systems that are connected to the VPN can directly communicate with each other, instead of needing to go through a central server as with something like OpenVPN. With Tailscale or WireGuard, the peers need each other’s public keys to communicate.

    • Antithetical@lemmy.deedium.nl
      8 hours ago

      This is only true for the connection security. With mTLS you can also authenticate to the web application you’re trying to reach. So consider your use case between VPN/mTLS.