
Server authentication

This section describes the server authentication process. The procedure is the same whether you use certificates issued by a trusted in-house or third-party certificate authority (referred to as using your own certificates) or the default certificate installed by AE Services.

  1. The client sends a request to the server for a secure session.

  2. The server sends its server certificate to the client.

  3. The client checks the server certificate to determine the following:

    1. If the server certificate is issued by a certificate authority that the client trusts. The client checks the name of the CA. To comply, the name of the certification authority (CA) on the certificate must match the name of the CA on the client’s trusted certificate.

    2. If the server certificate is within its validity window. The client checks to see if the current time falls between the Not Before and Not After dates in the server certificate.

    3. If the common name in the server certificate matches the name of the server to which the client is connected. If the names do not match, the client cannot trust the certificate.

When all the security checks are satisfied, the client and server can exchange secure messages.

Figure 1. Server authentication
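
The three client-side checks in step 3, as an added example (not AE Services code): the function takes a certificate in the dictionary form returned by Python's ssl.SSLSocket.getpeercert() and reports which checks fail. The host names, CA name and dates are constructed sample values; a real TLS client library also verifies the CA's signature on the certificate, which this example does not model.

```python
import ssl

# Constructed sample data in ssl.SSLSocket.getpeercert() format (hypothetical names).
CA_NAME = ((("organizationName", "Example Corp"),),
           (("commonName", "Example In-House CA"),))
TRUSTED_CA = {"subject": CA_NAME, "issuer": CA_NAME}
SERVER_CERT = {
    "subject": ((("commonName", "aes1.example.com"),),),
    "issuer": CA_NAME,
    "notBefore": "Jan 15 00:00:00 2024 GMT",
    "notAfter": "Jan 15 00:00:00 2025 GMT",
}


def common_name(name):
    """Return the commonName from a getpeercert()-style name, or None."""
    for rdn in name:
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def check_server_cert(cert, trusted_ca, server_name, now):
    """Return the names of the failed checks; an empty list means trust."""
    failures = []
    # Check 1: the issuer name must match the name on the trusted CA certificate.
    if cert["issuer"] != trusted_ca["subject"]:
        failures.append("untrusted issuer")
    # Check 2: the current time must fall between Not Before and Not After.
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not not_before <= now <= not_after:
        failures.append("outside validity window")
    # Check 3: the common name must match the server the client connected to.
    cn = common_name(cert["subject"])
    if cn is None or cn.lower() != server_name.lower():
        failures.append("name mismatch")
    return failures


if __name__ == "__main__":
    now = ssl.cert_time_to_seconds("Jun 15 12:00:00 2024 GMT")  # fixed clock
    print(check_server_cert(SERVER_CERT, TRUSTED_CA, "aes1.example.com", now))
    later = ssl.cert_time_to_seconds("Feb 01 00:00:00 2025 GMT")
    print(check_server_cert(SERVER_CERT, TRUSTED_CA, "aes2.example.com", later))
```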