...
Ubisecure Certificate Authentication Provider is a standalone SAML IdP that performs client certificate authentication. This allows users to authenticate using browser-based client certificates or integrate with smart-card based client certificates. It is configured as an Authentication Method of the Ubisecure Authentication Server.
Ubisecure Certificate Authentication Provider is a standard Java Servlet web application deployed on a pre-configured standalone Apache Tomcat application server that is included in the distribution package.
...
Client certificate or smart card authentication is based on asymmetric authentication on SSL or TLS connections. During the authentication process the client sends an X.509 certificate to the server. The server is required to perform a set of validation tasks on the certificate, based on the defined PKI policy before the certificate presented by the client is accepted for authentication.
The Ubisecure Certificate Authentication Provider implements client certificate authentication. It is the responsibility of the Authentication Provider to implement all required validation tasks on the certificate before the Authentication Provider is allowed to forward the authenticated identity to Ubisecure Server.
The standard process flow is shown in Figure 4 and described below:
...