A certificate to be used for authenticating the user.
In order to use public key authentication, SSHClientCert must contain a certificate with a valid private key. The certificate's public key value is sent to the server along with a signature produced using the private key. The server will first check to see if the public key values match what is known for the user and then will attempt to use those values to verify the signature.
SSHClientCert is used in conjunction with the SSHClientCertSubject field in order to specify client certificates. If SSHClientCert has a value, and SSHClientCertSubject is set, a search for a certificate is initiated. Please refer to the SSHClientCertSubject field for details.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
|MY||A certificate store holding personal certificates with their associated private keys.|
|CA||Certifying authority certificates.|
|SPC||Software publisher certificates.|
In Java, the certificate store normally is a file containing certificates and optional private keys.
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).