The CommuniGate Pro Server supports the Client Certificate authentication method. This method can be used when clients connect to the Server via secure SSL/TLS connections. The Server may request a client to send a Client Certificate (installed on the client computer), signed with the Trusted Certificate selected on the Server for the target Domain.
If a client sends such a Certificate, the E-mail address specified in the Certificate subjectAltName element (if any) or in the Subject element E-mail field can be used for the Certificate-based Authentication. It is is interpreted as the name of the CommuniGate Pro Account to log into.
Note: after the supplied E-mail address is processed with the Router, it checks that the target Account belongs to the same Domain as the Domain the used to verify the supplied Certificate, so Administrators of one Domain cannot create Certificates allowing users to access Accounts in other CommuniGate Pro Domains.
Only Accounts with enabled Certificate Authentication method can be accessed using Client Certificates.
See the PKI section for more details.