Schannel protocols require credentials to authenticate servers and optionally, clients. Server authentication, where the server provides proof of its identity to the client, is required by the Schannel security protocols. Client authentication may be requested by the server at any time.
Schannel credentials are X.509 certificates. Public and private key information from certificates is used to authenticate the server and optionally, the client. These keys are also used to provide message integrity while client and server exchange the information required to generate and exchange session keys.
For programming information, see Obtaining Schannel Credentials.