where to purchase client certificates

Thread view:

Rob D - 28 Nov 2004 00:39 GMT

I have written a Java application that uses a client certificate to
authenticate (login) to a realm (domain) on Tomcat. During development
I used Java's keytool utility to generate the certificate. Now it is
time for my application to go to production and I must purchase a
certificate from a trusted CA. I have looked on all the major CA
websites and have not seen anyone offering a "client certificate".
Lots of SSL certificates, email certificates and code signing
certificates but no "client certificate". Can anyone point me to a CA
that offers a client certificate? I am not a security specialist and
do not know exactly what I am looking for.

Reply to this Message

Edward A. Feustel - 28 Nov 2004 11:46 GMT

>I have written a Java application that uses a client certificate to
> authenticate (login) to a realm (domain) on Tomcat. During development
[quoted text clipped - 6 lines]
> that offers a client certificate? I am not a security specialist and
> do not know exactly what I am looking for.

Rob,
Almost any client certificate including e-mail ones will work. Using SSL
with mutual authentication
gets the client information to the service which can decide on the basis of
that information what
authorizations to give to the client. You just have to get your certificate
(and private key) in the store that the application uses and convince your
application to use that certificate.
Ed

Reply to this Message

where to purchase client certificates

Free Magazines