1. Digital Signature
Webservice
Trusted Client
Untrusted Client
Server generates a Key
Store with private Key
Private Key
server.jks
Client generates a key
store with private key
Private Key
client.jks
Server generates a
Public certificate from
its private key
Server
Certificate
server.cert
Client generates a Public
certificate from its private key
Client
Certificate
client.cert
Server sends it certificate
to client
2. Trusted Client
Untrusted Client
Private Key
client.jks
Digital Signature
Webservice
Private Key
server.jks
Client
Certificate
client.cert
Server
Certificate
server.cert
Client imports
the server
certificate into
its keystore
client.jks
Server imports
the client
certificate into
its keystore