Personal opinion: Two-way authentication and one-way authentication have different functional requirements. The former requires the server to authenticate the client to improve security; the latter requires complete trust in the client, after all, sometimes it is to protect user data. And it has nothing to do with whether it is issued by the CA organization.
The above may not be accurate and is only based on personal knowledge and discussion.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Can also be generated by openssl tool
Personal opinion: Two-way authentication and one-way authentication have different functional requirements. The former requires the server to authenticate the client to improve security; the latter requires complete trust in the client, after all, sometimes it is to protect user data. And it has nothing to do with whether it is issued by the CA organization.
The above may not be accurate and is only based on personal knowledge and discussion.
That is to say, the server certificate and the client certificate are two certificates, and both need to be applied for, right?
It is certified by CA and generated locally using openssl tool.