Use Certificates for Client Certificate Authentication
Different types of certificates are required for performing authentication under the Client Certificate authentication method, which can be implemented for SSL-secured communication.
A client certificate is needed to certify the identity of a client that sends a request to the appliance.
Only if the client is trusted will a request that it sends be accepted. A client is trusted if the certificate that is submitted with the request has been signed by a Root CA (certificate authority) that is trusted.
Under the Client Certificate authentication method, the client certificate is also used for authentication. Authentication is successfully completed if the client certificate that is submitted with a request has been signed by a trusted certificate authority.
A server certificate is needed to certify the identity of a server that is involved in SSL-secured communication.
A server is trusted by a client if the certificate that it sends during the initial steps of the communication has been signed by a Root CA (certificate authority) that is also trusted by the client.
Under the Client Certificate authentication method, a server certificate is needed for the authentication server.
A Root CA (certificate authority) is an instance that signs other certificates.
In SSL-secured communication, a Root CA appears itself as a certificate that can be viewed in the communication process.
If a Root CA is trusted by a client or server, certificates that have been signed by it are trusted as well, which means that if a client or server submits such a signed certificate, it is trusted.