What is "SSL Server-Client Authentication"?

@Lengel546

Posted in: #SecurityCertificate

In comparing different SSL certificates I see "Server-Client Authentication" listed as a benefit of a paid certificate over a free one. (see it here)

But what exactly is this added benefit that basic SSL does not already provide?

EDIT: This other link here does NOT answer my question. In other words, if you search that other question for the term "Server-Client Authentication", it's not found.

2 Comments

@Frith620

Server program should have access to the server certificate, which contains the server's identity, private key and public key.

In the handshake process, the server will extract the server's public certificate and send it to the client site.

From the client side, the client program should be able to authenticate the server's identity. Server authentication seems to be always required to their site.


@Eichhorn148

The context-sensitive help on the StartSSL website states:


Combined Server and Client Authentication support with SSL/TLS server certificates


This appears to be a feature related to requiring your users to have personal security certificates installed in their web browser. From webadmns.blogspot.com/:

If you enable client authentication, the server validates clients by checking for trusted certificate authority, Known as CA root certificates in the local key database. To enable client authentication, you need to use SSLClientAuth directive.

... The server requires a valid certificate from all clients and returns a 403 status code if no certificate is present.


A friend of mine started a company called CryoKey that lets you generate a personal certificate that gets installed in your web browser. This type of certificate would be the type used for both client and server authentication.

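An added example, not part of the answers above and not code from any product they mention: the trust check the quoted passage describes, where a server accepts a client certificate only if it chains to a CA root it trusts, run with the `openssl` command line. The CA names, client names and helper functions are constructed for illustration, and the script models only the chain-of-trust check, not the TLS handshake step in which the client proves it holds the private key.

```shell
#!/usr/bin/env bash
# Added example. All CAs, names and certificates below are constructed test data.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: create a self-signed root CA (NAME.key, NAME.crt).
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# issue_client CA NAME: have CA sign a personal (client) certificate for NAME.
issue_client() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.crt" \
    -CAkey "$WORK/$1.key" -CAcreateserial -days 1 \
    -out "$WORK/$2.crt" 2>/dev/null
}

# server_decision TRUSTED_CA [CLIENT]: what a server that trusts only
# TRUSTED_CA decides for the certificate CLIENT presents (if any).
#   403    - no certificate presented (the status the quoted passage names)
#   reject - certificate does not chain to the trusted CA (label is this example's)
#   accept - certificate chains to the trusted CA
server_decision() {
  if [ $# -lt 2 ] || [ ! -f "$WORK/$2.crt" ]; then
    echo 403
  elif openssl verify -CAfile "$WORK/$1.crt" "$WORK/$2.crt" >/dev/null 2>&1; then
    echo accept
  else
    echo reject
  fi
}

# Demo: one CA the server trusts, one it does not.
make_ca trusted-ca && make_ca other-ca
issue_client trusted-ca alice
issue_client other-ca bob
echo "alice (issued by trusted-ca): $(server_decision trusted-ca alice)"
echo "bob (issued by other-ca):     $(server_decision trusted-ca bob)"
echo "no certificate:               $(server_decision trusted-ca)"
```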