Client authentication is similar to server authentication. For client authentication, the server requests the client to provide the client certificate.

The following diagram shows the process of client authentication on the server:

The server checks the following details of the client certificate:

• The client certificate is issued by a CA that the server trusts. The name of the CA on the certificate must match the name of the CA on the trusted server certificate.

• The client certificate is valid.

After a successful authentication, the client and server can exchange secure messages.