The process of server authentication is the same if you use certificates issued by a trusted in-house or third-party CA, or if you use the default AE Services certificate.

The following diagram shows the process of server authentication:

The client checks the following details of the server certificate:

• The server certificate is issued by a CA that the client trusts. The name of the CA on the certificate must match the name of the CA on the trusted client certificate.

• The server certificate is valid.

• The CN in the server certificate matches the name of the server to which the client is connected. If the names do not match, the client cannot trust the certificate.

After a successful authentication, the client and server can exchange secure messages.