You can use Secure Sockets Layer (SSL) authentication to communicate securely with a directory server. Two variants are allowed:
Simple SSL authenticates the server only, whereas, Authenticated SSL authenticates both the client and the server.
Both variants require the client to be initialized with the trusted public certificate of the directory server, or the public certificate of the directory server's certificate authority. The trusted public certificates of servers are stored in the cacerts keystore file, located in the security directory, under JXplorer.
In addition to the above, Authenticated SSL requires the registration of the client's trusted public certificate (or the public certificate of the client's certificate authority) with the directory server, and use of the client's private key. Trusted public certificates and private keys of clients are stored in the clientcerts keystore file, located in the security directory, under JXplorer.
When you add or delete a certificate, or private key, the keystore files are updated and encrypted. You can set a password to stop unauthorized changes to these files.