(Transport Layer Security) - is an EAP-Type for authentication based upon X.509 certificates. Because it requires both the Supplicant and the Authentication Server to have certificates, it provides explicit Mutual Authentication and is resilient to man-in-the-middle attacks. After successful authentication a secure TLS link is established to securely communicate a unique session key from the Authentication Server to the Authenticator. Because X.509 certificates are required on the Supplicant, EAP-TLS presents significant management complexities.

Used to create a secured connection for 802.1X by pre-installing a digital certificate on the client computer. EAP- TLS stands for Extensible Authentication Protocol-Translation Layer Security.

EAP-TLS (Extensible Authentication Protocol -Transport Layer Security) authentication uses digital certifications for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created.See also EAP and EAP-TTLS.