Feature Request: Add mutual TLS (mTLS) support for node-to-node connections

[AGENT3128]

Feature Request: Add mutual TLS (mTLS) support for node-to-node connections

Summary

Currently, Ergo Framework uses TLS for encryption but relies on cookie-based authentication. I'd like to request support for mutual TLS (mTLS) where both client and server authenticate using X.509 certificates.

Current Behavior

• TLS configuration is hardcoded without ClientAuth, ClientCAs, or RootCAs
• Only server-side certificates are supported
• Authentication relies on pre-shared secrets (Cookie)

Desired Behavior

Add configuration options to:

• Require client certificates for incoming connections
• Provide client certificates for outgoing connections
• Specify custom CA pools for certificate validation
• Support custom certificate verification logic

Use Case

Enterprise deployments require certificate-based mutual authentication for security compliance and zero-trust architectures.

[halturin]

Thanks for the great proposal. I'll add it to the 3.2 roadmap.

[halturin]

This feature is now available in the v320 branch. Your feedback is highly appreciated.
Documentation: https://devel.docs.ergo.services/networking/mutual-tls