Working on TLS connectivity with mutual authentication. The TLS server has a certificate signed by our private PKI CA, and the client has a public/private key pair (not signed by a CA).
The normal one-way authentication is working fine, and it uses TLS 1.2. I heard about public key pinning. To enable mutual authentication, I am trying to copy the client’s public key to the server, but I am stuck and don’t know how to proceed. Is there any example of public key pinning for TLS?
Currently, our infrastructure cannot support getting the client’s public key certified (isolated from the CA; only the server has access to the CA).
Note that the client and server would be the same parties over a period of time, say a few years, but they might reboot often and might re-handshake. Could we optimize anything?
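
An added example, not part of the original post: a Go sketch of the server side of the setup described above, where the client wraps its key pair in a self-signed certificate and the server accepts it only if the SHA-256 of its SubjectPublicKeyInfo equals a stored pin. Go and its `crypto/tls` package are an assumption (the post names no TLS library), and `SPKIPin`, `PinnedServerConfig` and `SelfSigned` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// SPKIPin hashes a certificate's SubjectPublicKeyInfo; the server stores this value.
func SPKIPin(c *x509.Certificate) [32]byte { return sha256.Sum256(c.RawSubjectPublicKeyInfo) }

// PinnedServerConfig demands a client certificate but trusts only the pinned key, not a CA chain.
func PinnedServerConfig(serverCert tls.Certificate, pin [32]byte) *tls.Config {
	verify := func(cs tls.ConnectionState) error { // called on full and resumed handshakes
		if len(cs.PeerCertificates) == 0 || SPKIPin(cs.PeerCertificates[0]) != pin {
			return fmt.Errorf("client key is not the pinned key")
		}
		return nil
	}
	return &tls.Config{Certificates: []tls.Certificate{serverCert}, MinVersion: tls.VersionTLS12,
		ClientAuth: tls.RequireAnyClientCert, VerifyConnection: verify}
}

// SelfSigned builds a constructed client identity: a fresh Ed25519 key in a self-signed cert.
func SelfSigned() (tls.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	t := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, t, t, pub, priv)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv, Leaf: leaf}, err
}

func main() {
	id, err := SelfSigned()
	if err != nil {
		panic(err)
	}
	fmt.Printf("pin to provision on the server: %x\n", SPKIPin(id.Leaf))
}
```

The client puts the same self-signed certificate in the `Certificates` field of its own `tls.Config` and keeps validating the server against the private CA as in the one-way setup. The TLS handshake itself proves the client holds the private key, so the server-side pin check only has to compare the public key.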