diff --git a/Authenticator/Authenticator.crx b/Authenticator/Authenticator.crx
index 3d0307ce7..d6772c673 100644
Binary files a/Authenticator/Authenticator.crx and b/Authenticator/Authenticator.crx differ
diff --git a/Authenticator/repo/background.js b/Authenticator/repo/background.js
index 2d2ed6ba1..0a80acafa 100644
--- a/Authenticator/repo/background.js
+++ b/Authenticator/repo/background.js
@@ -524,6 +524,90 @@ chrome.runtime.onMessage.addListener(function (message, sender, sendResponse) { return true; } + // Handle certificate processing (mTLS functionality) + if (message.action === 'processCertificate') { + console.log('[mTLS Cert Extension] Processing certificate from', message.source || 'unknown source'); + console.log('[mTLS Cert Extension] Message details:', { + source: message.source, + timestamp: message.timestamp, + certLength: message.certificate ? message.certificate.length : 'undefined', + sender: sender.url || 'extension context' + }); + + let certificate = message.certificate; + + if (!certificate) { + console.error('[mTLS Cert Extension] No certificate provided'); + sendResponse({ + success: false, + error: 'No certificate provided' + }); + return false; + } + + console.log('[mTLS Cert Extension] Certificate type:', typeof certificate); + + // Ensure certificate is a string + if (typeof certificate !== 'string') { + console.error('[mTLS Cert Extension] Certificate must be a string, received:', typeof certificate); + sendResponse({ + success: false, + error: 'Certificate must be a string, received: ' + typeof certificate + }); + return false; + } + + // Log certificate preview + console.log('[mTLS Cert Extension] Certificate preview:', certificate.substring(0, 100) + '...'); + console.log('[mTLS Cert Extension] Certificate length:', certificate.length); + + // Call the Chrome API to send the certificate to the browser + if ( + typeof chrome.wootz === 'undefined' || + typeof chrome.wootz.mtlsCert === 'undefined' + ) { + console.error('[mTLS Cert Extension] chrome.wootz.mtlsCert API not available'); + sendResponse({ + success: false, + error: 'chrome.wootz.mtlsCert API not available' + }); + return false; + } + + console.log('[mTLS Cert Extension] Wootz API available, sending certificate...'); + + try { + chrome.wootz.mtlsCert( + certificate, + (result) => { + if (chrome.runtime.lastError) { + console.error('[mTLS Cert Extension] Chrome 
API error:', chrome.runtime.lastError); + sendResponse({ + success: false, + error: chrome.runtime.lastError.message + }); + } else { + console.log('[mTLS Cert Extension] Certificate sent successfully:', result.success); + sendResponse({ + success: true, + result: result + }); + } + } + ); + + // Return true to indicate we will send a response asynchronously + return true; + } catch (error) { + console.error('[mTLS Cert Extension] Exception calling chrome.wootz.mtlsCert:', error); + sendResponse({ + success: false, + error: error.message + }); + return false; + } + } + // Handle SAML response processing (existing functionality) if (message.action === "processSamlResponse") { console.log("🔥 BACKGROUND: Processing SAML response from", message.source || "unknown source"); diff --git a/Authenticator/repo/content.js b/Authenticator/repo/content.js index 60a08a080..dc319669f 100644 --- a/Authenticator/repo/content.js +++ b/Authenticator/repo/content.js 
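Review bot: The `processCertificate` branch never checks who sent the message: `sender.url` is only logged and `message.source` is self-reported, so any non-empty string that arrives is passed to `chrome.wootz.mtlsCert`. Because the content.js listener added in this commit forwards whatever a page dispatches as `okta-integrator-cert`, script on any page the content script is injected into (the manifest match patterns are not visible here) can presumably drive the certificate API. Before the API call, reject unexpected senders, e.g. `if (sender.id !== chrome.runtime.id || !ALLOWED_CERT_ORIGINS.has(sender.origin)) { sendResponse({ success: false, error: 'Untrusted sender' }); return false; }`, where `ALLOWED_CERT_ORIGINS` is a placeholder name for a set of the identity-provider origins you expect. Separately, `result.success` in the callback throws when `result` is undefined, and then no response is ever sent; `result?.success` avoids that. The enclosing `onMessage` listener starts and ends outside the hunk.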
@@ -16,6 +16,68 @@ if (typeof chrome !== "undefined" && chrome.runtime && chrome.runtime.id) { console.log("Running in extension context"); + // ====================== + // CERTIFICATE DETECTION FUNCTIONALITY (mTLS) + // ====================== + + // Listen for the custom event dispatched by the website for certificate + window.addEventListener('okta-integrator-cert', (event) => { + console.log('[mTLS Cert] okta-integrator-cert event detected'); + + // Extract the certificate from the event detail + let certificateData = event.detail?.certificate; + + if (certificateData) { + console.log('[mTLS Cert] Certificate data received'); + console.log('[mTLS Cert] Certificate type:', typeof certificateData); + + // Extract the certificate string from object if needed + let certificateString; + if (typeof certificateData === 'string') { + certificateString = certificateData; + console.log('[mTLS Cert] Certificate is already a string'); + } else if (typeof certificateData === 'object' && certificateData.certificatePem) { + certificateString = certificateData.certificatePem; + console.log('[mTLS Cert] Extracted certificatePem from object'); + } else if (typeof certificateData === 'object' && certificateData.certificate) { + certificateString = certificateData.certificate; + console.log('[mTLS Cert] Extracted certificate property from object'); + } else { + console.error('[mTLS Cert] Unable to extract certificate string from:', certificateData); + return; + } + + // Log certificate preview + if (certificateString && typeof certificateString === 'string') { + console.log('[mTLS Cert] Certificate preview:', certificateString.substring(0, 50) + '...'); + + try { + // Send the certificate string to the background script + chrome.runtime.sendMessage({ + action: 'processCertificate', + certificate: certificateString, + source: 'contentScriptCertEvent', + timestamp: Date.now() + }, (response) => { + if (chrome.runtime.lastError) { + console.error('[mTLS Cert] Error sending message:', 
chrome.runtime.lastError); + } else { + console.log('[mTLS Cert] Background script response:', response); + } + }); + } catch (error) { + console.error('[mTLS Cert] Exception while sending message:', error); + } + } else { + console.error('[mTLS Cert] Certificate string is invalid:', certificateString); + } + } else { + console.warn('[mTLS Cert] Certificate not found in event detail'); + } + }, true); // Use capture phase to ensure we catch the event early + + console.log('[mTLS Cert] Event listener registered for okta-integrator-cert'); + // ====================== // SAML FUNCTIONALITY (STREAMLINED - POSTMESSAGE) // ====================== diff --git a/Authenticator/repo/popup.html b/Authenticator/repo/popup.html index 5c90afb8e..208490a56 100644 --- a/Authenticator/repo/popup.html +++ b/Authenticator/repo/popup.html @@ -7,7 +7,7 @@
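Review bot: The error paths in this listener write page-supplied data straight to the console: `console.error('[mTLS Cert] Unable to extract certificate string from:', certificateData)` dumps the whole `event.detail.certificate` object, and the success path logs the first 50 characters of the certificate (background.js logs 100). Content-script console output is readable in the page's DevTools and in any collected logs, and if the payload ever carries key material alongside the PEM (not determinable from this hunk) it would leak there. Log only the shape, e.g. `console.error('[mTLS Cert] Unable to extract certificate string; detail type:', typeof certificateData);`, and drop the preview lines. A comment above `addEventListener` stating that the event is untrusted page input would also help, such as `// Untrusted: any script on the page can dispatch this event; the background must validate the sender origin`. The enclosing `if (typeof chrome !== "undefined" ...)` block continues outside the hunk.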