In the modern world of communications with access to everything, servers need to verify the client's identity to prevent malicious clients from gaining access to read or change the server content. Clients need to be able to trust that the servers are set up properly to prevent malicious parties from accessing content and provide false content.
By using X.509 certificates for authentication and encryption along with a certificate revocation list you can minimize the risk of attacks. A key component to ensuring level of access is following the IETF RFC guidelines for NETCONF or RESTCONF over TLS or SSH and always checking if the certificate is self-signed or if the certificate is signed by a trusted CA and if the certificate has been revoked.
Download this application note to learn how NETCONF and RESTCONF clients and servers can be set up to use X.509 certificates to identify themselves to each other and set up secure connections between them so that malicious components can’t get involved in these communications.