Hi everyone,

I’m working on implementing an electronic id authentication, which requires client certificates to be passed directly to the application during the TLS handshake (mutual TLS). However, it appears that Railway’s edge servers terminate TLS before forwarding requests to my app, causing the client certificate to be dropped. I’ve confirmed this as x-client-cert is consistently missing from the forwarded headers.

Is there a way to configure Railway to preserve client certificates or to disable TLS termination at the edge so the app can handle mutual TLS directly?

My current researches seem to indicate this is a limitation fo railway, but I would ideally like to stay with you guys, so please do let me know!

Thanks in advance!