Illustration of the end devices when calling a website (once with and once without certificate)A web page is reached by calling the address in the browser. Normally you can immediately access the pages of the web server and surf on the pages of the service provider.

Access to web pages can be restricted by means of so-called "client certificates". Such a "client certificate" is issued by the service provider of the web service in the form of a file (e.g. p12-files) and offered to you with a password for installation in your browser.

When accessing such a protected website, the web server requests that "client certificate" from the calling browser. The browser looks at its list and retrieves the appropriate certificate.

If you access a web site that expects a certificate without a certificate, the following message usually appears: "400 Bad Request - No required SSL certificate was sent" or "403 Forbidden".

This page describes for the different browsers how to import and use such a client certificate.