When enabling SSL on a server (Domino or otherwise) and you require client authentication
certificates, does the client need to request a certificate from the same authority the server?s
certificate is issued from?
No, I do not believe it is necessary for the server and client certificates to be from the same certifying authority. They are used for different purposes. The server certificate verifies the identity of the server and helps to encrypt network traffic. The client certificate verifies the identity of the client to the server.
This was first published in May 2001