---
title: Use MTLS for Service-to-Service Communication
impact: HIGH
impactDescription: ensures mutual authentication between internal services
tags: security, mtls, authentication, service-to-service
---

## Use MTLS for Service-to-Service Communication

When services communicate internally, use Mutual TLS (mTLS) so that each side verifies the other's identity: the client checks the server's certificate and the server checks the client's.

**Example (configuring Net::HTTP with certs):**

```ruby
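require "net/http"
require "openssl"

uri = URI("https://internal-service.local")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
# Client certificate and private key presented to the server
http.cert = OpenSSL::X509::Certificate.new(File.read("client.crt"))
http.key = OpenSSL::PKey::RSA.new(File.read("client.key"))
# Verify the server certificate (set http.ca_file when it is issued by a private CA)
http.verify_mode = OpenSSL::SSL::VERIFY_PEER

# request_uri yields "/" for a URL without a path; uri.path would be empty and rejected
response = http.get(uri.request_uri)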
```
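
The client configuration above is only half of mTLS: the server must also demand a client certificate and verify it against the internal CA. The following added example (not part of the original rule) uses Ruby's `openssl` library to build a throwaway CA and run a loopback handshake, showing which clients the server accepts. The helper names `issue`, `context` and `mtls_exchange` and all subject names are assumptions made for the demo.

```ruby
require "openssl"
require "socket"

# Constructed throwaway PKI for the demo: returns [certificate, private key].
def issue(cn, ca_cert = nil, ca_key = nil)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version, cert.serial = 2, rand(1..2**31)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = ca_cert ? ca_cert.subject : cert.subject # self-signed when no CA is given
  cert.public_key = key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(ca_cert || cert, cert)
  cert.add_extension(ef.create_extension("basicConstraints", ca_cert ? "CA:FALSE" : "CA:TRUE", true))
  cert.sign(ca_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# TLS context that trusts only `ca`; used by a server it also demands a client certificate.
def context(ca, cert = nil, key = nil)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.cert, ctx.key = cert, key
  ctx.cert_store = OpenSSL::X509::Store.new.add_cert(ca)
  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
  ctx
end

# One handshake on loopback; returns the client identity the server saw, or :rejected.
def mtls_exchange(server_ctx, client_ctx)
  tcp = TCPServer.new("127.0.0.1", 0)
  server = Thread.new do
    ssl = OpenSSL::SSL::SSLSocket.new(tcp.accept, server_ctx)
    ssl.sync_close = true
    ssl.accept # raises unless the client presents a certificate chaining to the trusted CA
    ssl.puts(ssl.peer_cert.subject.to_s)
  rescue OpenSSL::SSL::SSLError, SystemCallError # handshake refused: nothing is sent
  ensure
    ssl&.close
  end
  client = OpenSSL::SSL::SSLSocket.new(TCPSocket.new("127.0.0.1", tcp.addr[1]), client_ctx)
  client.sync_close = true
  client.connect
  client.gets&.chomp || :rejected
rescue OpenSSL::SSL::SSLError, SystemCallError
  :rejected
ensure
  [client, tcp].each { |io| io&.close }
  server&.join
end
```

Calling `mtls_exchange` with a client context that has no certificate, or a certificate not issued by the trusted CA, returns `:rejected`. Hostname verification is not enabled in this demo because it connects to `127.0.0.1`.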

**Tools:** Manual Review, Service Mesh (Istio/Linkerd)

---
