Mutually authenticated SSL junctions Edit online This section contains the following topics: Mutually authenticated SSL junctions process summaryWebSEAL supports mutual authentication between a WebSEAL server and a back-end server over an SSL junction (–t ssl or –t sslproxy or –t mutual).Validation of the back-end server certificateMatching the distinguished name (DN)Authentication with a client certificateAuthentication with a BA headerParent topic: Advanced junction configurationRelated conceptsTCP and SSL proxy junctionsWebSEAL-to-WebSEAL junctions over SSLStateful junctionsUse of /pkmslogout with virtual host junctionsJunction throttlingManagement of cookiesPassing of session cookies to junctioned portal serversSupport for URLs as not case-sensitiveJunctions to Windows file systemsStandard junctions to virtual hostsUTF-8 encoding for HTTP header dataWebSocketsRelated tasksForcing a new junctionBypassing buffering on a per-resource basisMatching the common name (CN) and subject alternative name (SAN)