VTEX Shield is an add-on product that provides customizable security layers for your store in addition to the security standards guaranteed by existing certifications and security practices on VTEX.

We've enhanced the advanced security features offered by VTEX Shield. Now, you can request two new features:

• Custom SSL certificates: Allows stores to use their own certificates instead of the default Let's Encrypt.

• Mutual Transport Layer Security (mTLS): Requires mutual authentication between VTEX and external systems, adding an extra layer of protection to API integrations.

These new features increase control over system communication, meeting security and compliance requirements for more complex projects.

VTEX Shield already offered Web Application Firewall (WAF), Security Monitor, and Data Protection Plus as additional security layers. Now, you can also select custom SSL certificates and the mTLS protocol, as described below.

By default, VTEX uses SSL certificates from the Let's Encrypt certificate authority. However, some stores need to maintain direct control over digital certificates to meet specific compliance or security requirements.

With custom SSL certificates, stores with specific security or compliance needs can install and manage their own custom certificates directly through the VTEX Admin.

Learn more in Custom SSL certificates.

The mTLS protocol offers enhanced protection in integrations between VTEX and external systems, such as ERPs, WMSs, or headless stores.

Unlike the traditional TLS protocol, where only the server proves its identity, mTLS ensures mutual authentication by requiring both the client and the server to present valid certificates before exchanging information. This practice reduces the risk of malicious or unauthorized connections.

Learn more in Mutual Transport Layer Security (mTLS).

As integrations with external systems become more complex, the need to ensure authenticity and rigorous control in communications increases. Some stores have specific compliance, audit, and security requirements that go beyond the use of default certificates and one-way authentication.

With these updates, VTEX Shield offers an additional layer of security that allows you to:

• Manage custom SSL certificates to meet internal policies and audit requirements.
• Require mutual authentication between systems to prevent unauthorized accesses.
• Reduce risks in critical integrations, strengthening trust between parties.

These features align VTEX Shield with the most advanced market practices and address the growing demand for security in digital operations.

If you're already a VTEX client and want to enable custom SSL certificates, mTLS, or other VTEX Shield features in your store, contact Commercial Support to request activation and complete the necessary configuration. Additional fees may apply.

If you're not a VTEX client but are interested in these features, please complete our contact form.