Very nice explanation. Question: say I use verisign CA, then does it mean anybody in the world who has got their certificate signed by verisign becomes authenticated to my two way ssl server ? Question2: In case I use my own CA and all hosts in my infra are signed with own-CA, is there a way I can restrict some hosts to not to be able to authenticate ?

Great Explanation In real life Scenario, do we need to create certificate externally for the client? Could someone explain who provide the certificate to browser(client) and how it is trusted?

Hello 100bytes. Nice overview! I have 2 questions? #1- Do you have video for setting up other app servers- like OSB (Oracle Service Bus) or Tomcat? #2- can I have permission to use your overview diagram ? I'd like to provide a regular URL link to cite your work (not KZread).

@100bytescom

8 жыл бұрын

+Theresa Strepek 1. Sorry as of now, I don't have tutorials for other servers 2. Yes please go ahead and use it. The diagram is at 100bytes.com/tutorials/weblogic/weblogic-2-way-ssl

How is this going to scale if each one has to store other's scertificate? Consider a server serving 1 million clients. Should it store 1 million client certificate. This is NOT how 2-way SSL works.