Admin workflow for client certificate authentication

Client authentication is a method for users to securely access a remote station (via a browser) by exchanging a client certificate with the remote station. The certificate effectively represents a user identity and handles logging-in and authenticating to the station.

Only the user (client) should have access to the certificate with the private key for client certificate authentication. However, the certificate with the public key can be emailed and shared. For this workflow, the station administrator first gets the user's client certificate with its public key, creates the station user account, and assigns the certificate with the public key in the server authenticator. The following procedure details this configuration method.