Double authentication of server and client

Problem presentation ：

When visiting a website , To confirm the authenticity of the website （ Not a fake website ）, You can install the website through the server SSL Certificate to implement . The method of accessing the website is also determined by http Change the link to https link , In the transmission process SSL encryption . Make sure the website is trusted , Data transmission security .

At present SSl There are many certification bodies , Just like the businesses that provide virtual hosts , But when choosing , We need to see its qualifications , Have you passed the certification of relevant international institutions . A chance , Collect Wosign This domestic company , The most important reason is that they now offer free DV certificate （ Lowest level SSL certificate , Free use within three years ）, There are detailed applications on the company's website 、 Configuration is introduced .

By setting up a certificate for a website , On the server side https After visiting, you can see that there is a lock beside the open web page , The prompt is encrypted transmission . Click the lock pattern , You can see the certificate of the website , Who signed it , Issued to that website , In this way, you can judge the authenticity of the website through the domain name .DV The reason why the certificate is the lowest level certificate , The reason is that it is only given to the real owner of a domain name （ Actual controller ） Issue a certificate . A higher-level certificate will display a series of information such as the organization name , Increase the basis for visitors to judge . Personal website DV The certificate is enough , Just learn https Just link .

SSL certificate （ Server certificate ） Just prove to the visitors who I am . Usually when building a website , Will there be such a need , Only allow certain people to visit your website , People without authorization cannot access . It's a naive way not to tell others the website , Others will always get your address ; by the way , Set the user name on the page 、 password , This requires opening the page before authentication , And you know , user name 、 Password cracking is not too difficult for some people . Then send a certificate to the visitor , by the way , This is the client certificate . Just like when you log in to online banking, you must have U Disk certificate or this document certificate to prove that you are you .

How to install the client certificate ？（ To be continued ）