TLS vs mTLS Handshake

Comparing standard and mutual TLS authentication flows

Standard TLS

Server authenticates to client only.

Negotiation
  Client → Server: ClientHello (supported ciphers, TLS version, random)
  Server → Client: ServerHello (chosen cipher, random)
Server Authentication
  Server → Client: Certificate (server's X.509 certificate)
  Server → Client: ServerKeyExchange (signed ECDH params → proves ownership of the certificate's private key)
  Server → Client: ServerHelloDone
Key Exchange
  Client → Server: ClientKeyExchange (client's ECDH public value)
  Client → Server: ChangeCipherSpec
  Client → Server: Finished (encrypted verification of the handshake)
  Server → Client: ChangeCipherSpec
  Server → Client: Finished (encrypted verification of the handshake)

🔒 Encrypted channel established: server identity verified by client.

Mutual TLS (mTLS)

Both parties authenticate to each other.

Negotiation
  Client → Server: ClientHello (supported ciphers, TLS version, random)
  Server → Client: ServerHello (chosen cipher, random)
Server Authentication
  Server → Client: Certificate (server's X.509 certificate)
  Server → Client: ServerKeyExchange (signed ECDH params → proves ownership of the certificate's private key)
  Server → Client: CertificateRequest (server requests a client certificate)
  Server → Client: ServerHelloDone
Client Authentication + Key Exchange
  Client → Server: Certificate (client's X.509 certificate)
  Client → Server: ClientKeyExchange (client's ECDH public value)
  Client → Server: CertificateVerify (signed handshake hash → proves ownership of the client certificate's private key)
  Client → Server: ChangeCipherSpec
  Client → Server: Finished (encrypted verification of the handshake)
  Server → Client: ChangeCipherSpec
  Server → Client: Finished (encrypted verification of the handshake)

🔐 Encrypted channel established: both identities mutually verified.

Steps added by mTLS (client authentication): CertificateRequest, the client's Certificate, and CertificateVerify.

TLS 1.2 handshake with ECDHE key exchange. TLS 1.3 consolidates some of these messages for fewer round trips.
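To make the difference between the two flows concrete, here is an added example (not from the original page) that walks the TLS 1.2 record and handshake message framing of a captured handshake and reports whether client authentication was requested and proven, or only requested. The handshake bodies (`build_flow`) are constructed placeholders, not real certificates, key shares or ciphertext, and the message names follow the diagrams above.

```python
import struct
HS_NAMES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate", 12: "ServerKeyExchange",
            13: "CertificateRequest", 14: "ServerHelloDone", 15: "CertificateVerify",
            16: "ClientKeyExchange", 20: "Finished"}
HANDSHAKE, CHANGE_CIPHER_SPEC = 22, 20

def record(ctype, payload):  # TLS record: 1-byte type, 2-byte version (0x0303 = TLS 1.2), 2-byte length
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

def hs_msg(mtype, body=b""):  # handshake message: 1-byte type, 3-byte length, body
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body

def parse_handshake(payload):  # yield (type, body) from a plaintext handshake record
    off = 0
    while off + 4 <= len(payload):
        length = int.from_bytes(payload[off + 1:off + 4], "big")
        yield payload[off], payload[off + 4:off + 4 + length]
        off += 4 + length

def classify(flow):  # flow: ordered (sender, record) pairs -> (transcript, verdict)
    ccs_seen, transcript = set(), []
    for sender, rec in flow:
        ctype, _, length = struct.unpack("!BHH", rec[:5])
        if ctype == CHANGE_CIPHER_SPEC:
            ccs_seen.add(sender)
            transcript.append((sender, "ChangeCipherSpec"))
        elif sender in ccs_seen:  # after ChangeCipherSpec the Finished message is encrypted: opaque
            transcript.append((sender, "Finished (encrypted)"))
        else:
            for mtype, body in parse_handshake(rec[5:5 + length]):
                name = HS_NAMES.get(mtype, f"handshake type {mtype}")
                if mtype == 11 and body == b"\x00\x00\x00":
                    name += " (empty)"  # TLS 1.2 client answering CertificateRequest with no certificate
                transcript.append((sender, name))
    requested = ("server", "CertificateRequest") in transcript
    proven = ("client", "CertificateVerify") in transcript
    if requested and proven:
        return transcript, "mTLS: both identities verified"
    if requested:
        return transcript, "client cert requested but not proven: server must reject"
    return transcript, "standard TLS: server identity only"

def build_flow(mtls, client_declines=False):
    """Constructed sample handshake; bodies are placeholders, not real certs, key shares or ciphertext."""
    cert, fin = b"\x00\x00\x03abc", b"\xaa" * 40  # fake certificate_list; opaque encrypted Finished
    server = hs_msg(2, b"srv") + hs_msg(11, cert) + hs_msg(12, b"ecdh+sig")
    server += (hs_msg(13, b"rsa_sign") if mtls else b"") + hs_msg(14)
    client = hs_msg(11, b"\x00\x00\x00" if client_declines else cert) if mtls else b""
    client += hs_msg(16, b"pub") + (hs_msg(15, b"sig") if mtls and not client_declines else b"")
    ccs = record(CHANGE_CIPHER_SPEC, b"\x01")
    return [("client", record(HANDSHAKE, hs_msg(1, b"cli"))), ("server", record(HANDSHAKE, server)),
            ("client", record(HANDSHAKE, client)), ("client", ccs), ("client", record(HANDSHAKE, fin)),
            ("server", ccs), ("server", record(HANDSHAKE, fin))]
```

The third verdict is the case to watch for when auditing an mTLS deployment: a server that sends CertificateRequest but accepts an empty client Certificate has not authenticated the client at all.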