This section summarizes the API's workflow patterns to create your client certificate and enable mTLS between your origin and the ​Akamai​ network. See the API summary for details on all operations.

Use these steps to enable mTLS between your origin and the edge server.

Set up an mTLS session

To set up an mTLS session between the origin and the edge servers:

1. Collect client certificate details. This includes your contract and group under the account.
2. Determine the secure network type, signing CA, deployment network, and email addresses to notify of an approaching certificate expiration.
3. Create a client certificate. If you chose a third-party signer for the client certificate, upload the signed client certificate to the mTLS Origin Keystore application.
4. In your property manager configuration, enable the mTLS Edge Server to Origin behavior.