> Unfortunately, hardly any tutorials pointed this out and used their own CA for everything instead.
I think this is one of the reasons so few people consider using TLS auth. There aren't many guides out there, and many of the ones that are easily accessible use a custom CA deployment that's an absolute pain to manage (custom TLS certs on websites with a custom ACME server or manual certificate generation, and so on).
Sometimes I feel like writing my own guide, but I'm not 100% confident that I'd get everything right.
I’ve been in this boat and have documented weird bugs and things that don’t work, but have yet to write something about a working configuration.
I wanted to use mTLS for self-hosted services, and it took a while to come up with something that worked well in browsers, but apps on iOS and Android basically can’t use the certs, making it fruitless.