TLS 1.3 normally forces a choice: authenticate with certificates or with a pre-shared key, but not both in the same handshake. Combining them gives you a second, independent root of trust that survives even if the first one falls — and wolfSSL now supports both doing this and requiring it.
The foundation is RFC 8773, which defines the tls_cert_with_extern_psk extension. It lets certificate-based authentication be combined with an external PSK mixed into the TLS 1.3 key schedule, enabled in wolfSSL with the WOLFSSL_CERT_WITH_EXTERN_PSK build option. The RFC’s explicit motivation is quantum resilience: certificate authentication and (EC)DHE both rest on public-key algorithms that a large-scale quantum computer would break, so feeding a strong external PSK into the key schedule keeps the session confidential even if the (EC)DH exchange is later broken by cryptanalysis or a quantum computer.
Supporting the extension is one thing; guaranteeing it is used is another. A handshake can otherwise complete without an external PSK and quietly fall back to certificates only. wolfSSL now closes that gap with the new wolfSSL_CTX_require_psk() / wolfSSL_require_psk() APIs, which require an external PSK for a (D)TLS 1.3 handshake to succeed — otherwise the handshake is aborted. Forward secrecy is preserved by requiring an (EC)DHE exchange, and combined with WOLFSSL_CERT_WITH_EXTERN_PSK this ensures peers are authenticated by both the certificate and the PSK, with no way to silently drop one.
Together, these turn the PSK into a deliberate security fallback: full certificate-based authentication for everyday use, backed by a shared secret that keeps protecting the session if public-key algorithms are ever broken. For deployments that can’t yet migrate to post-quantum algorithms — long-lived embedded devices, constrained systems, fielded hardware that’s hard to update — it’s a practical path toward quantum resistance today.
Interested in trying it, or discussing how it fits your embedded or post-quantum roadmap? Reach out at facts@wolfssl.com.
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now

