Figure 9 server-side authentication – Sun Microsystems 5.1.1 User Manual

Chapter 4

Section 4.3

Operating SSL

SSL Handshaking

HTTPS eWay Adapter User’s Guide

34

Sun Microsystems, Inc.

Figure 9 Server-side Authentication

ƒ

Dual authentication

: This option requires authentication from both the eWay and

Web server. The server side (Web server) of the authentication process is the same as
that described previously. In addition, however, the Web server requests a
certificate from the eWay. The eWay then sends its certificate to the Web server. The
server, in turn, authenticates the eWay by looking into its TrustStore for a matching
trusted CA certificate. The communication channel is established by the process of
both parties’ requesting certificate information. This option is illustrated in Figure
10.

Client

(eWay)

Server

(Web

Server)

Handshake: Finished

ChangeCipherSpec

Handshake: ServerHelloDone

Handshake: Certificate

Handshake: ServerHello

Handshake: Client Hello

Handshake: ClientKeyExchange

ChangeCipherSpec

Handshake: Finished