text/plain ericlaw talks about security, the web, and software in general While most HTTPS sites only authenticate the server (using a certificate sent by the website), HTTPS also supports a mutual authentication mode, whereby the client supplies a certificate that authenticates the visiting user’s identity. Such a certificate might be stored on a SmartCard, or used as a part of an OS identity fea
![Client Certificate Authentication](https://cdn-ak-scissors.b.st-hatena.com/image/square/d0e6af8cd954f189550243526d09b609b63d260c/height=288;version=1;width=512/https%3A%2F%2Ftextplain.files.wordpress.com%2F2022%2F05%2Fimage-8.png)