Certificate authentication raises two very specific risks.
证书身份验证可能导致两种非常特殊的风险。
You are using client certificate authentication to the Web server.
您正在对Web服务器使用客户端证书身份验证。
The application server must trust that the Web server has done proper certificate authentication.
应用服务器必须信任Web服务器已经正确地完成证书身份验证。
You must configure the application server Web container to perform client certificate authentication.
您必须配置该应用服务器Web容器以执行客户端证书身份验证。
Certificate authentication in this scenario really means "is the server providing a valid certificate?"
在此场景中的证书认证实际上意味着“是服务器提供了有效的证书吗?”
You are using client certificate authentication to the Web server as discussed in the previous section.
像前一小节讨论的一样,使用客户机证书向Web服务器验证身份。
Identification authentication server provides password authentication and digital certificate authentication.
身份认证服务器提供口令认证和数字证书认证两种方式。
SSL certificate authentication merely determines that the certificate is valid, not who the certificate represents.
SSL证书身份验证仅仅确定证书的有效性,而不关心该证书代表谁。
When using client certificate authentication for Web clients, realize that the Web server is now part of your trust domain.
在对Web客户端使用客户端证书身份验证时,要意识到Web服务器现在是信任域的一部分。
If you do not want cell a to trust cell b, use certificate authentication for the server to server authentication step, not basic auth.
如果不希望计算单元a信任计算单元b,则请在服务器身份验证步骤中为服务器使用证书身份验证,而不是采用基本身份验证。
Setting this informs WebSphere Application Server that inbound requests should be authenticated using client certificate authentication.
对此的设置将通知WebSphereApplicationServer应该使用客户端证书身份验证对内部请求进行身份验证。
In summary, because SSL USES certificate authentication, each side of the SSL connection must possess the appropriate keys in a key store file.
总之,因为SSL使用证书身份验证,所以SSL连接的每一端都必须持有密钥存储文件中的适当密钥。
Notice what wasn't required: SSL certificate authentication merely determines that the certificate is valid, not who the certificate represents.
请注意什么不是必需的:ssl证书身份验证仅仅确定证书的有效性,而不关心该证书代表谁。
The link from WebSEAL to the Web server must use client certificate authentication, and the same must be true for the link from the Web server to the application server.
从WebSEAL到ApplicationServer的链接必须使用客户证书认证,同样的,从Web服务器到应用程序服务器的链接也必须使用客户证书认证。
As a practical matter, except for special case situations using self-signed certificates and server to server communication, this makes certificate authentication infeasible.
从实践的角度来看,这就使得证书身份验证不可行,使用自签署证书和服务器来进行服务器通信的特殊情况除外。
Through study on SSL and its key technology, it is recommended that the SSL-based certificate authentication can be used as client access control method in database systems.
本文通过对SSL及其关键技术的研究,提出了在网络数据库系统的用户访问控制中使用基于SSL和证书的双向身份认证。
When using certificate authentication (client or server), you need to understand that each signer in the trust store represents a trusted provider of identity information (a certificate).
在使用证书身份验证(客户端或服务器)时,您需要理解信任存储库中的每个签署者都代表一个身份信息(证书)的受信任提供者。
The application server Web container must be configured to perform client certificate authentication, and its trust store must be altered to include only the client certificate that WebSEAL is using.
必须配置应用服务器Web容器以执行客户机证书身份验证。还必须更改其信任存储库,使之只包含WebSEAL 正在使用的客户机证书。
The system USES a dual-factor authentication method and a digital certificate authentication protocol during the process of authentication, which strengthens the security of the system effectively.
在认证过程中,本系统采用双因素认证方法和数字证书强认证协议,有效增强系统的安全性。
If client authentication is to be employed for the connection, the server also sends a request for the client's certificate.
如果客户机还要为这个连接进行认证,那么服务器还会发送一个请求,索取客户机的证书。
The application loads and displays the details of the certificate you have selected for authentication.
该应用程序将加载和显示选择用来进行身份验证的证书的详细信息。
It covers how to overcome common problems, such as certificate handling and authentication.
它涉及到了怎样克服常见的问题,例如确认处理和认证。
OPTIONAL - if the peer SSL client sends a certificate, the certificate is processed as normal but authentication does not fail if no certificate is sent.
OPTIONAL——如果对等ssl客户端发送一个证书,则该证书被正常处理;如果该客户端不发送任何证书,验证并不失败。
As mentioned above, once SSL validates the certificate, the authentication process is over from SSL's perspective.
正如刚刚提到的,一旦SSL检验过证书,从SSL的角度来看身份验证过程就结束了。
Configuring SSL to filter on the distinguished name in a certificate provides an effective form of authentication.
将SSL配置为根据证书中的专有名称进行筛选,这样可以提供一种有效的身份验证方式。
Figure 1 shows the basic process of creating a certificate using a ca and distributing it, in this case, to perform server authentication with SSL.
图1中显示了使用CA创建证书和分发的基本流程,对于本例,用于通过SSL执行服务器身份验证。
SSH offers certificate based authentication, strong encryption, and other features, and is considered to be far more secure.
SSH提供基于验证的证书、强加密和其他特性,并且被认为安全多了。
The LIPKEY mechanism can be used when the initiator (client) does not have a certificate and instead USES a user ID and password for authentication.
当发起者(客户机)没有证书而是使用用户ID和口令进行验证身份时,就可以使用LIPKEY机制。
The LIPKEY mechanism can be used when the initiator (client) does not have a certificate and instead USES a user ID and password for authentication.
当发起者(客户机)没有证书而是使用用户ID和口令进行验证身份时,就可以使用LIPKEY机制。
应用推荐