_CORE
Services
AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital
Industries
Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty
References Technologies
Lab
Blog Know-how Tools
About Collaboration Careers
CS EN DE
Let's talk

Encryption in Transit — Encrypting Data in Motion

17. 12. 2025 1 min read intermediate

Data in transit without encryption = readable by anyone on the network. TLS for web, mTLS for services, VPN/WireGuard for networks.

TLS — The Foundation

Encryption in Transit — Encrypting Data in Motion

server { listen 80; return 301 https://$host$request_uri; } server { listen 443 ssl; ssl_protocols TLSv1.2 TLSv1.3; add_header Strict-Transport-Security “max-age=63072000” always; }

WireGuard VPN

Server

[Interface] PrivateKey = server_private_key Address = 10.0.0.1/24 ListenPort = 51820 [Peer] PublicKey = client_public_key AllowedIPs = 10.0.0.2/32

  • TLS 1.3 for web and API
  • mTLS for service-to-service
  • WireGuard for site-to-site VPN
  • Database connections over TLS

Key Takeaway

Encrypt all network traffic. TLS for web, mTLS for services, WireGuard for VPN.

securityencryptiontlsvpn
Share:

CORE SYSTEMS team

We build core systems and AI agents that keep operations running. 15 years of experience with enterprise IT.

All articles

More know-how

SSL/TLS certificates in Java applications

Managing SSL certificates in Java keystores. Keytool, truststore, mutual TLS and common HTTPS problems.

SSL/TLS checklist

SSL/TLS checklist — certificates, protocols, HSTS, certificate transparency.

mTLS in Practice

Mutual TLS authentication, certificates, and deployment.