Home / Kong Plugin Hub
Edit
Report

Header Cert Authentication

Enterprise only
Overview Examples Configuration reference Changelog API reference
Related Documentation
Gateway Documentation
Made by
Kong Inc.
Supported Gateway Topologies
hybrid db-less traditional
Supported Konnect Deployments
hybrid cloud-gateways
Compatible Protocols
grpc grpcs http https
Minimum Version
Kong Gateway - 3.8
Tags
#authentication
Related Resources
About authentication
CA Certificates

3.13.0.0

Release date 2025/12/18

Feature

  • added support for the tls_certificate_verify global option. When this option is enabled, the plugin’s ssl_verify flag cannot be disabled.

  • added the flag ssl_verify to control certificate verification when connecting to the server of the OCSP responder’s URL and to the server of the CRL Distribution Point.

3.11.0.0

Release date 2025/07/03

Bugfix

  • Fixed an issue where Header Cert Authentication plugin failed to validate revocation using OCSP when the downstream connection wasn’t an SSL connection.

3.10.0.4

Release date 2025/08/07

Bugfix

  • Fixed an issue where Header Cert Authentication plugin failed to validate revocation using OCSP when the downstream connection wasn’t an SSL connection.

3.8.0.0

Release date 2024/09/11

Feature

  • Added a new plugin for header-based certificate authentication.

Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support