# Setup 2 way SSL (mTLS)

Sealights Java agents have the ability to send certificate identifying the client for every request they send to the sealights backend to initiate 2 way SSL communication.

{% hint style="info" %}
Note that a backend configuration is also needed for 2 way SSL communication. Please contact customer success if you wish to enable it.
{% endhint %}

### Instructions <a href="#ud83d-udcd8-instructions" id="ud83d-udcd8-instructions"></a>

To enable 2 way SSL please pass the following system parameters to the agent:

| System property              | Default value | Description                                                                                                         |
| ---------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------- |
| `sl.mTlsEnabled`             | `false`       | Enables mTLS on agent side.                                                                                         |
| `sl.mTlsKeystore`            | n/a           | Path to keystore file. If not defined or file does not exists or is not accessible, mTLS support would be disabled. |
| `sl.mTlsKeystorePassword`    | n/a           | Password to keystore file. Required, can not be empty.                                                              |
| `sl.mTlsKeystoreKeyPassword` | n/a           | Password to private key located into the keystore file. Required, can not be empty.                                 |
| `sl.mTlsKeystoreKeyAlias`    | n/a           | The keystore entry alias. Currently not required (single entry keystorefile support).                               |

{% hint style="info" %}
Supported Agent versions from:

* Java Agents: `4.0.2448`
* Gradle Plugin: `4.0.905`
* Maven Plugin: `4.0.1064`
  {% endhint %}