SSL MUTUAL AUTHENTICATION
SSL mutual authentication using digital certificates takes place in two stages. The web server identifies itself to SSL clients with a server-side certificate, and the web server uses a database of Certificate Authority root certificates to validate clients that access the server with client-side certificates.
The client determines whether the issuer of the certificate can be trusted and accepted. The client's browser contains a list of root certificates from trusted CAs, and if the signature on the web server certificate matches one of these root certificates, the server can definitely be trusted.
If there is no match for the signature, the browser informs the user that the certificate was issued by an unknown certificate authority, and it is the responsibility of the user to accept or reject the certificate.
On the server side, if there is no match for the signature on the client certificate, an SSL error code is generated and sent to the client; if there is a match, the client can be trusted and client authentication can take place.
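The two checks described above can be reproduced offline with the openssl command-line tool. This is an added example, not part of the original page; it assumes openssl is installed with its default configuration file, and every CA name, subject and file name in it is constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: CA names, subjects and file names below are made up.

make_ca() {      # $1 = file prefix, $2 = CA common name
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

issue_cert() {   # $1 = CA prefix, $2 = certificate prefix, $3 = subject name
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$2.csr" -CA "$1.pem" -CAkey "$1.key" \
    -CAcreateserial -days 1 -out "$2.pem" 2>/dev/null
}

# The check each side runs on its peer: does the certificate chain to a
# root in my trust store?  $1 = trusted root file, $2 = peer certificate
trusted_by() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

verdict() {
  if trusted_by "$1" "$2"; then echo trusted; else echo rejected; fi
}

mtls_demo() {
  d=$(mktemp -d) || return 1
  make_ca "$d/root" "Demo Root CA"      # root held by browser and server
  make_ca "$d/other" "Unknown CA"       # root in nobody's trust store
  issue_cert "$d/root" "$d/server" "www.example.test"
  issue_cert "$d/root" "$d/client" "client-01"
  issue_cert "$d/other" "$d/unknown" "client-01"
  echo "server cert checked by client: $(verdict "$d/root.pem" "$d/server.pem")"
  echo "client cert checked by server: $(verdict "$d/root.pem" "$d/client.pem")"
  echo "client cert from unknown CA: $(verdict "$d/root.pem" "$d/unknown.pem")"
  rm -rf "$d"
}

mtls_demo
```

The third line shows that a certificate carrying the same subject name is still rejected when its issuer is not in the trust store, which is the "no match" case that produces the error.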