Typically with HTTPS communication, the authentication works only one way

## Feature Typically with HTTPS communication, the authentication works only one way: the client verifies the identity of the server. For applications that require the load balancer to authenticate the identity of clients that connect to it, regional external Application Load Balancer, regional internal Application Load Balancer, and cross-region internal Application Load Balancer support mutual TLS (mTLS). With mTLS, the load balancer requests that the client send a certificate to authenticate itself during the TLS handshake with the load balancer. You can configure a trust store that the load balancer uses to validate the client certificate's chain of trust. For details, see the following: * [Mutual TLS authentication](https://cloud.google.com/load-balancing/docs/mtls) * [Set up mutual TLS for a regional external Application Load Balancer](https://cloud.google.com/load-balancing/docs/https/setting-up-mtls-reg-ext-http-lb) * [Set up mutual TLS for a regional internal Application Load Balancer](https://cloud.google.com/load-balancing/docs/l7-internal/setting-up-mtls-reg-int-http-lb) * [Set up mutual TLS for a cross-region internal Application Load Balancer](https://cloud.google.com/load-balancing/docs/l7-internal/setting-up-mtls-reg-int-http-lb) This capability is in **Preview**. Global external Application Load Balancer and global external Application Load Balancer (classic) already support frontend mTLS(General Availability).