[WEBINAR] Application Acceleration: Faster Performance for End Users

Client Authentication Certificate

Definition - What does Client Authentication Certificate mean?

A client authentication certificate is a certificate used to authenticate clients during an SSL handshake. It authenticates users who access a server by exchanging the client authentication certificate.

Client authentication is identical to server authentication, with the exception that the telnet server demands a certificate from the accessing client. This is to verify that the client is who they claim to be. This eliminates the listing of anonymous entries in a database's user activity log when an Internet user accesses the server.

Clients can obtain client authentication certificates from an external certification authority (CA) like VeriSign. Another way is to create a self-signed certificate, which clients can use while waiting for a client certificate from the CA.

Techopedia explains Client Authentication Certificate

A client authentication certificate must be an X.509 certificate signed by a CA trusted by the server. When a certificate is requested by the server, the client can either send the certificate or try to connect without one. The server then permits the connection if it trusts the client certificate. If the client is attempting to establish a connection without a client certificate, the server may permit the connection, but at a lower security range.

Similar to a server certificate, CAs can issue client authentication certificates with distinct classes. The classes reveal the level of investigation done by the CA to verify the identity of the client requesting the client certificate. These are usually out-of-bandwidth procedures like face-to-face interaction with the client. Classes are particularly important when the certificates are issued by an external CA because it is important to ensure that the CA took all the necessary steps to verify the client's identity.

All client authentication certificates include some or all of the following info:

  • SSL version number, certificate's serial number, and other information that represents the certificate
  • CA name
  • Client name
  • Certificate validity (expiration date of the certificate)
  • Public and private key pairs
  • Additional info, based on the x.509 certificate version
  • CA's digital signature

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.