Add a TLS Context to Mule

After you create a secret group, you can add a Transport Layer Security (TLS) context to encrypt inbound traffic to Mule 4 proxies. When you add the TLS context, you can select the ciphers to use with the TLS context.

You can use the TLS context you store in the secrets manager when you configure an HTTPS API proxy.

Add TLS Context

Adding a TLS context to your secret group involves supplying a name, target, security information, version, keystore and, optionally, truststore.

In the Secret Groups list view, select the secret group to which to add a TLS context.
Select TLS Context in the menu on the left, and click Add TLS Context.
In the Create TLS Context screen, add the required information:
- Name
  Enter a name for your TLS context.
- Target
  Select Mule to use the TLS context as the SSL validation for Mule 4-based API proxies. Uses the TLS context as the SSL validation for Mule 4-based API proxies.
- TLS Version
  By default, TLS 1.2 is selected. You can select TLS 1.1 to support both versions.
- Keystore
  From the drop-down list, select the keystore to store the TLS context.
- Truststore
  Optionally select a truststore to which to add the TLS context if you are using a truststore to store certificates trusted by the client.
  If the Target value for the TLS context is Mule, you can select Insecure if you don’t want certificate validation enforced.
- Expiration Date
  Optionally select the expiration date for the certificate.
Optionally select ciphers for the TLS context.
Click Save.