For the complete documentation index, see llms.txt. Markdown versions of all docs pages are available by appending .md to any docs URL.
Backend TLS
Verified Code examples on this page have been automatically tested and verified.Configure TLS for secure connections to backend services.
Attaches to: Backend
Agentgateway supports more than one configuration style. Where a feature can also be configured in the simplified
llm or mcp modes, the examples on this page show each option in tabs. For more information, see Routing-based configuration.By default, requests to backends use HTTP. To use HTTPS, configure a backend TLSTLS (Transport Layer Security)A cryptographic protocol that provides secure communication over a network. Agentgateway supports TLS for both incoming connections (listeners) and outgoing connections (backends). policy.
# yaml-language-server: $schema=https://agentgateway.dev/schema/config
mcp:
port: 3000
policies:
backendTLS:
# A file containing the root certificate to verify.
# If unset, the system trust bundle will be used.
root: ./certs/root-cert.pem
# For mutual TLS, the client certificate to use
cert: ./certs/cert.pem
# For mutual TLS, the client certificate key to use.
key: ./certs/key.pem
# If set, hostname verification is disabled
# insecureHost: true
# If set, all TLS verification is disabled
# insecure: true
targets:
- name: everything
stdio:
cmd: npx
args: ["@modelcontextprotocol/server-everything"]Was this page helpful?
