> ## Documentation Index
> Fetch the complete documentation index at: https://docs.alumio.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Custom client certificate

> Use SSL certificate, key and optional password for request authentication.

export const FormField = ({property, label, required = false, diType, uiPatterns, children}) => {
  const patterns = Array.isArray(uiPatterns) ? uiPatterns : uiPatterns ? [uiPatterns] : [];
  return <div style={{
    margin: '1.5rem 0'
  }}>
      <div style={{
    display: 'flex',
    alignItems: 'baseline',
    flexWrap: 'wrap',
    gap: '0.5rem',
    marginBottom: '0.25rem'
  }}>
        <strong>{label}</strong>
        <span style={{
    fontSize: '0.7rem',
    fontWeight: 600,
    textTransform: 'uppercase',
    letterSpacing: '0.04em',
    color: required ? '#6241f5' : '#6b7280'
  }}>
          {required ? 'Required' : 'Optional'}
        </span>
      </div>

      <div>{children}</div>

      {diType || patterns.length > 0 ? <p style={{
    fontSize: '0.85rem',
    color: '#6b7280',
    marginBottom: 0
  }}>
          {diType ? <>
              See the <a href={`/references/${diType}`}>{diType}</a> reference.{' '}
            </> : null}
          {patterns.length > 0 ? <>
              Accepts a <a href={`/documentation/placeholders-and-patterns/patterns#${patterns[0]}`}>pattern</a>.
            </> : null}
        </p> : null}
    </div>;
};

Authenticates a connection with a client SSL certificate instead of a username, token, or key. Use this when a service requires mutual TLS, where your side must present its own certificate and private key to prove who it is. Once configured, Alumio presents the certificate on every request to the connection.

This documentation describes: [Schema](/schemas/http-authentication-configurator/client-certificate)

## Fields

<FormField property="certificate" label="Client certificate" required>
  The client certificate to present, pasted in full including the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines. You can store the value in an environment variable and reference it here.
</FormField>

<FormField property="key" label="Client key" required>
  The private key that belongs to the certificate, pasted in full including the `-----BEGIN PRIVATE KEY-----` and `-----END PRIVATE KEY-----` lines. Keep this private; you can store it in an environment variable and reference it here.
</FormField>

<FormField property="password" label="Password">
  The password protecting the private key, if it has one. Leave it empty when the key is not password-protected.
</FormField>

## Sample data

This feature configures a connection rather than transforming data, so there is no before/after to show. A typical setup looks like this:

| Field              | Value                                                         |
| ------------------ | ------------------------------------------------------------- |
| Client certificate | `-----BEGIN CERTIFICATE-----` ... `-----END CERTIFICATE-----` |
| Client key         | `-----BEGIN PRIVATE KEY-----` ... `-----END PRIVATE KEY-----` |
| Password           | `your-key-password`                                           |

```json Configuration theme={null}
{
  "prototype": "client-certificate",
  "parameters": {
    "certificate": "-----BEGIN CERTIFICATE-----\nyour-certificate-here\n-----END CERTIFICATE-----",
    "key": "-----BEGIN PRIVATE KEY-----\nyour-private-key-here\n-----END PRIVATE KEY-----",
    "password": "your-key-password"
  }
}
```
