SSL Authentication
The Secure Sockets Layer (SSL) protocol uses certificates for authentication. Certificates are digitally signed documents that bind a public key to the identity of the owner of the corresponding private key. Authentication occurs at connection time and is independent of the application or the application protocol. Authentication involves making sure that the servers with which you communicate are who they claim to be. With SSL, authentication is performed by an exchange of certificates, which are blocks of data in a format described in ITU-T standard X.509. X.509 certificates are issued and digitally signed by an external authority known as a certificate authority (CA).
Certificates are used to authenticate clients to servers, and servers to clients; the mechanism used is essentially the same in both cases. The server certificate is mandatory: the server must send its certificate to the client computer. The client certificate, however, is optional; some client computers might not support client certificates, and others might not have certificates installed. Servers can decide whether client authentication is required for a connection.
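The following added example (not part of the original page) shows this with Python's ssl module: the server's verify_mode decides whether a client certificate is ignored, optional or required, and a server with no certificate cannot complete a handshake. The host names and self-signed certificates are constructed for the demonstration, and the openssl command-line tool is assumed to be on PATH.

```python
import itertools, os, ssl, subprocess, tempfile

def make_cert(directory, name):
    """Constructed self-signed certificate and key (assumes openssl is on PATH)."""
    crt, key = (os.path.join(directory, name + ext) for ext in (".crt", ".key"))
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
                    "-subj", "/CN=" + name, "-addext", "subjectAltName=DNS:" + name,
                    "-keyout", key, "-out", crt], check=True, capture_output=True)
    return crt, key

def handshake(server_ctx, client_ctx):
    """Run the handshake in memory and report how the server ends up seeing the client."""
    c_in, c_out, s_in, s_out = (ssl.MemoryBIO() for _ in range(4))
    client = client_ctx.wrap_bio(c_in, c_out, server_hostname="server.example")
    server = server_ctx.wrap_bio(s_in, s_out, server_side=True)
    pending = [client, server]
    for _ in range(20):                       # bounded number of message flights
        for side in list(pending):
            try:
                side.do_handshake()
                pending.remove(side)
            except (ssl.SSLWantReadError, ssl.SSLWantWriteError):
                pass                          # waiting for bytes from the peer
            except ssl.SSLError:
                return "rejected"             # one side aborted the handshake
        s_in.write(c_out.read())              # client -> server
        c_in.write(s_out.read())              # server -> client
        if not pending:
            return "authenticated" if server.getpeercert() else "anonymous"
    return "rejected"

def demo():  # every server policy against a client with and without a certificate
    out = {}
    with tempfile.TemporaryDirectory() as d:
        srv, cli = make_cert(d, "server.example"), make_cert(d, "client.example")
        def client_ctx(with_cert):
            ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)   # always verifies the server
            ctx.load_verify_locations(srv[0])
            if with_cert: ctx.load_cert_chain(*cli)
            return ctx
        for mode, with_cert in itertools.product(ssl.VerifyMode, (False, True)):
            sctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
            sctx.load_cert_chain(*srv)                      # mandatory server certificate
            sctx.load_verify_locations(cli[0])              # trust anchor for client certs
            sctx.verify_mode = mode
            out[mode.name, with_cert] = handshake(sctx, client_ctx(with_cert))
        bare = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)      # no server certificate loaded
        out["NO_SERVER_CERT", False] = handshake(bare, client_ctx(False))
    return out
```

With CERT_NONE the server never requests a client certificate, so even a client that has one is seen as anonymous; only CERT_REQUIRED turns a missing client certificate into a failed connection.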