Authentication

This message contains the authentication certificate and any other supporting certificates in the certificate chain. The server must send this message if the key exchange method uses certificates for authentication. The client must send this if and only if the server requested client authentication through a CertificateRequest message. The certificate message includes the following fields:

• certificate_list: This field contains a sequence of CertificateEntry structures, each containing a single certificate and a set of extensions
• extensions: Extensions that the Certificate message may contain include the following:
  • status_request: See Determine X.509 certificate revocation status with OCSP
  • signed_certificate_timestamp: TLS clients won’t accept certificates unless they are logged. When a valid certificate is submitted to a log, the log must return a Signed Certificate Timestamp (SCT); see RFC 6962: Certificate Transparency.

This message contains a signature over the entire handshake using the private key corresponding to the public key in the Certificate message. It provides proof that the client or the server has the private key corresponding to its certificate. This message includes the following fields:

• algorithm: This field contains the signature algorithm used.
• signature: This field contains the digital signature using the algorithm.