none
What is client side and server side certificate RRS feed

  • Question

  • i have not hands on experience working with certificate but i heard people use certificate at server side to make the transport layer of their web service secured.

    so i have few questions.

    1) when client will consume the web service and send request then transport layer will be secured because client may not use any certificate ?

    2) when client will use certificate then who provide client to use certificate ? the web service company provide certificate to client at free of cost ?

    3) in what kind of situation client has to use certificate to call web service ? is it mandatory for client to use certificate to make their request secured ?

    4) when client do not use certificate just service use certificate then data is passed between client and server securely ?

    please answer few of my questions. thanks

    Wednesday, December 21, 2016 9:33 AM

Answers

  • Hi Mou_inn,

    For description of Client Certificate and Server Certificate, I suggest you refer the link below:

    # Client Certificates V/s Server Certificates

    https://blogs.msdn.microsoft.com/kaushal/2012/02/17/client-certificates-vs-server-certificates/

    For communication with client certificate and server certificate, I suggest you refer this link.

    # Client Certificate Authentication

    https://blogs.msdn.microsoft.com/kaushal/2015/05/27/client-certificate-authentication/

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Friday, December 23, 2016 12:46 PM
    Friday, December 23, 2016 2:37 AM
    Moderator
  • Hi Mou_inn,

    >> when we use server side certificate that secure transport layer then why client has to use client certificate ?

    It depends on whether the server has requested client authentication. The client also signs another piece of data that is unique to this handshake and known by both the client and server. In this case, the client sends both the signed data and the client's own certificate to the server along with the encrypted pre-master secret.

    You could refer the link below for more information.

    # Description of the Secure Sockets Layer (SSL) Handshake

    https://support.microsoft.com/en-us/kb/257591

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 26, 2016 7:28 PM
    Monday, December 26, 2016 9:11 AM
    Moderator
  • when client use certificate then client has to purchase it or service company provide it?
    • Marked as answer by Sudip_inn Wednesday, December 28, 2016 9:04 PM
    Monday, December 26, 2016 7:29 PM
  • Hi Mou_inn,

    It depends on you. You could purchase it from CA or service company.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Wednesday, December 28, 2016 9:04 PM
    Tuesday, December 27, 2016 5:58 AM
    Moderator

All replies

  • Hi Mou_inn,

    For description of Client Certificate and Server Certificate, I suggest you refer the link below:

    # Client Certificates V/s Server Certificates

    https://blogs.msdn.microsoft.com/kaushal/2012/02/17/client-certificates-vs-server-certificates/

    For communication with client certificate and server certificate, I suggest you refer this link.

    # Client Certificate Authentication

    https://blogs.msdn.microsoft.com/kaushal/2015/05/27/client-certificate-authentication/

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Friday, December 23, 2016 12:46 PM
    Friday, December 23, 2016 2:37 AM
    Moderator
  • thanks for your link but still one things is not clear that when we use server side certificate that secure transport layer then why client has to use client certificate ?

    suppose client is calling a web service which is using certificate at server side then client can call service without any certificate and data passed from client side in secure way because certificate has been used at server side then why client need to use his side certificate ?

    please drive out my confusion. tell me a scenario where client has to use certificate.

    thanks

    Friday, December 23, 2016 12:53 PM
  • Hi Mou_inn,

    >> when we use server side certificate that secure transport layer then why client has to use client certificate ?

    It depends on whether the server has requested client authentication. The client also signs another piece of data that is unique to this handshake and known by both the client and server. In this case, the client sends both the signed data and the client's own certificate to the server along with the encrypted pre-master secret.

    You could refer the link below for more information.

    # Description of the Secure Sockets Layer (SSL) Handshake

    https://support.microsoft.com/en-us/kb/257591

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Monday, December 26, 2016 7:28 PM
    Monday, December 26, 2016 9:11 AM
    Moderator
  • when client use certificate then client has to purchase it or service company provide it?
    • Marked as answer by Sudip_inn Wednesday, December 28, 2016 9:04 PM
    Monday, December 26, 2016 7:29 PM
  • Hi Mou_inn,

    It depends on you. You could purchase it from CA or service company.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Sudip_inn Wednesday, December 28, 2016 9:04 PM
    Tuesday, December 27, 2016 5:58 AM
    Moderator