Client certificate validation

Asked Mar 05 '23 at 23:48

Active Mar 05 '23 at 23:52

Viewed 276 times

In a mutual TLS connection, both the client and server authenticate each other using digital certificates.

However, when the client presents a certificate, the server only sees the client's IP address and not the domain name to be able to compare it with the domain in the subject of the certificate. In such cases, how can the server verify the client's identity and ensure that the client is who they claim to be?

asked Mar 05 '23 at 23:48

Mr.Eddart

1,003
1
8
6

I googled "Client certificate validation" and those duplicates were the first hit. The second hit is a blog explaining the process in detail with diagrams. – schroeder Mar 05 '23 at 23:54
In addition to the links that schroeder posted, https://cweiske.de/tagebuch/ssl-client-certificates.htm is also instructive. – mti2935 Mar 06 '23 at 02:39

Client certificate validation

0 Answers0