Can anyone clarify what is the difference between an X509 certificate and two-way SSL? or both are same?
Asked
Active
Viewed 2,314 times
-1
-
2Does this help you http://security.stackexchange.com/a/1441/10439 ? – Purefan Jan 29 '16 at 09:28
2 Answers
0
X509 is the type for SSL certificates, these can differ in the purpose they have. When using a SSL connection with a server you use a X509 certificate with the purpose of server authentication: TLS Web Server Authentication (1.3.6.1.5.5.7.3.1) when using it for client authentication (2 way SSL) you need a certificate with TLS Web Client Authentication (1.3.6.1.5.5.7.3.2).
Most certificates you buy already have these 2 purposes, you can check this by looking at the extended key usage in the certificate details.
BadSkillz
- 4,444
- 25
- 29
0
An X.509 certificate is a format for sharing a public key along with the name of the entity that holds that public/private key pair and optional extensions such as usage. It is usually signed by a certificate authority in order that it is trusted.
A X.509 certificate is used in many applications that rely on public/private keys for authentication and/or encryption. One example as you point out is SSL/TLS. They are also used in other applications such as secure and/or signed emails using S/MIME. IPSec also uses them. Certificate Authorities use them to derive trust.
So, to answer your question: X.509 is a format for handling certificates. SSL is a protocol that, along with other protocols, uses those certificates.
garethTheRed
- 1,435
- 8
- 12