Server and Client Certificate

What is the difference between SERVER CERTIFICATE and CLIENT CERTIFICATE ? When will I use server certificate or client certificate ??

   According to the IIS Webserver that using SSL , Digital Certificate that WEB Server received from CA,is it server or client certificate ?
rotaris357Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ahoffmannCommented:
server certificate
0
cincin77Commented:
there is no difference from the side of the contents of the certificates. In a client/server session one machine is a client and the other is a server.And the certificate that server has is SERVER CERTIFICATE and vice versa.

SSL is a good example for the use of the certificates. Server Certificate is certainly a must, SSL also supports client certificates for the authentication of the client side but it is rarely used and client authentication is usually done with username-password pairs.

As ahoffmann stated the answer of your question is SERVER CERTIFICATE...

0
arvi_samCommented:
Hi,
Most of the answer has already been provided but I would attempt to close this one with some background.

Firstly, Digital Certificates are nothing but containers for public keys. These public keys are used to encrypt the session keys used for symmetric encryption, verify digital signatures etc.

SSL is just one application of Digital Certificates, and the most common one as well. SSL provides authentication, confidentiality and integrity of socket interactions.

When you want to secure your web interactions, you need SSL to ensure confidentiality and integrity of your data flow. Herein SSL also allows the client browser to authenticate the web server, as well as (optionally) the browser can provide a client certificate to the web server, and provided the client certificate is issued by an authority which is recognized by the web server as a legitimate one, this can function as a client authentication mechanism.

Also technically your web server certificate issued by Verisign, Thawte etc. is a Class 3 certificate wherein a notary has to authenticate the certificate owner as owning the asset (domain name) being mentioned in the certificate. Client certificates are issued at lower trust levels, and technically they are termed Class 1 or Class 2 certificates. The lower level of trust is primarily since lesser credentials (and lesser cash!) are required to be presented to obtain these certificates.

Check out RSA Labs FAQ on cryptography (http://www.rsasecurity.com/rsalabs/faq/) for more fundamentals on crypto, certificates etc.

Regards,

Arvind Shyamsundar
Brainbench MVP for Internet Security.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rotaris357Author Commented:
Thanks for the answer , anyway I want to know what each class of CA or Certificate is for and how it is functioned , Is it like DNS system that is separated in any level of system such as "www.yahoo.com",in this way , resolver must query dot com root server before and then to yahoo dns server or sth. like this. Is it the same concept ?


Many Thanks in advances
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.