Use Mutual TLS in HTTP modules in Adobe Workfront Fusion
Mutual TLS overview
When you send data over the internet, it’s important to ensure that it goes to or comes from the correct location and that only the intended recipient can read it. With TLS enabled, the client (computer requesting information) uses certificates to verify the identity of the server (computer providing information). This makes secure HTTP connections.
Mutual TLS allows this identity confirmation to go both ways. When the server sends its certificate to verify its identity to the client, it also requests the client’s certificate. This ensures that the server does not send information to a site or user that would misuse it.
-
TLS: When a person types “MyGreatBank.com” into a browser, they want to be sure that they are going to My Great Bank, not a website that might misuse or sell their banking information. They also want to be sure their bank account information is encrypted.
When the browser (the client) connects to MyGreatBank.com (the server), TLS requires a certificate from MyGreatBank.com to verify its identity. The certificate is provided by a certificate authority such as DigiCert or Thawte. Because the browser trusts the certificate authority, it allows the connection.
-
Mutual TLS: MySoftware.com is a software client that needs information from the MyGreatBank.com API. MyGreatBank allows only trusted clients to connect to their servers. So, in addition to the regular TLS verifying the identity of MyGreatBank.com, the TLS/certificate authority process also verifies the request from MySoftware.com.
Access requirements
You must have the following access to use the functionality in this article:
*To find out what plan, license type, or access you have, contact your Workfront administrator.
**For information on Adobe Workfront Fusion licenses, see Adobe Workfront Fusion licenses
Providing your Workfront Fusion public certificate
When you connect to a web service with an HTTP request, the web service usually requires a Workfront Fusion public certificate for verification. This allows the web service to compare the certificate presented in the HTTP request to the one on file, as a way to ensure that the certificate is on the web service’s allowlist.
For instructions on uploading the Adobe Workfront Fusion public certificate to a web service, see the web service’s documentation.
You can use the following links to download the Workfront Fusion public certificates:
Certificates for April 23, 2023-May 7, 2024
-
These Workfront Fusion public certificates expire on May 7, 2025. After yours expires you will need to upload a new certificate to the web service. We recommend that you:
- Make note of the expiration date and set a reminder for yourself to upload the certificate to your web service.
- Bookmark this page to easily find the new certificates.
-
These are non-wildcard mTLS certificates.
Enabling Mutual TLS in Workfront Fusion HTTP modules
All Workfront Fusion HTTP request modules have the option to enable Mutual TLS.
To enable Mutual TLS in an HTTP request module:
-
Add an HTTP request module to your scenario.
-
Begin configuring the module.
For instructions on configuring an HTTP request module, see the appropriate article under HTTP modules.
-
Enable Show advanced settings near the bottom of the module.
-
Enable Use Mutual TLS.