Use mTLS Certificates in a real application path
mTLS certificate bindings let a Worker make outbound fetches with a client certificate.
A compact mTLS Certificates recipe with config and worker usage in one application path.
Use this as the copyable starter before threading the feature into a larger application.
- Config focus
- bindings.mtlsCertificates
- Runtime shape
- Best use
- calling origins that require a Cloudflare-uploaded client certificate
Start by wiring the binding clearly in config
Smallest mTLS Certificate config
Build the application flow around the binding
Treat this as the app-level mTLS Certificates path: the route, event handler, or service module receives a real request and uses the binding to do useful work.
Keep product limits, remote ownership, and fallback behavior visible in the code around the binding instead of hiding everything behind a vague utility too early.
- Keep the first example short enough to paste into a new Worker.
- Real TLS client-certificate presentation is Cloudflare/Wrangler remote behavior.
Fetch through the mTLS binding
Keep production boundaries visible
- Config focus: bindings.mtlsCertificates.
- Runtime shape: .
- Best use: calling origins that require a Cloudflare-uploaded client certificate.
Thread this into the next recipe
Once this smallest path works, add routing, generated types, and feature-specific abstraction in that order.
Previous
Testing mTLS Certificates
Test mTLS Certificates by choosing the local harness that matches the product boundary instead of reaching for Cloudflare by default.
Next
Dispatch Namespaces
Add the Dispatch Namespaces config, call from worker code, and start with the local test path Devflare supports.