SMP/E for z/OS User's Guide


Identity and authentication overview

SA23-2277-01

SMP/E communicates with the remote IBM Automated Delivery Request server using HTTP, and all HTTP communications with the server are performed using Secure Sockets Layer (SSL). Both the client (SMP/E) and the server use X.509 certificates to secure communications when using SSL. When initializing an SSL connection with a server, the client requests the server's X.509 certificate to authenticate the server. The server's certificate identifies the server to the client and provides the server's public key.

SSL server authentication allows a client application to confirm the identity of the server application. Through SSL, the client application uses standard public-key cryptography to verify that the server’s certificate and public key are valid and that the certificate has been signed by a trusted certificate authority (CA) that is known to the client application. The client and the server then use the negotiated session keys and begin encrypted communications.

One of the most important pieces of the SSL server authentication scheme is the trusted certificate authority (CA). Certificate Authorities are trusted organizations that verify information about servers and then issue digital certificates that may be accepted by applications as authentication of server identities when used in a secure handshaking protocol such as SSL. Trusting a certificate issued by a certificate authority is analogous to accepting a passport issued by a national passport agency as proof of identity. We trust that the agency has taken proper measures to verify the identity of the bearer of the passport. In a similar manner, applications may accept certificates signed by a certificate authority.

Two types of certificates are of interest to SMP/E processing:
User certificate
A certificate that is associated with a z/OS® user ID and is used to authenticate the user’s identity. Such a certificate may also be known as a Personal or Client certificate.
Certificate-authority certificate
A certificate that is associated with a certificate authority and is used to verify signatures in other certificates. Such a certificate may also be known as a root certificate. GeoTrust is an example of a certificate authority that provides a certificate authority certificate.
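
The following is an added example, not code from SMP/E or from IBM: a simplified model of the client-side check described above, in which a server certificate is accepted only when its signature verifies against a certificate-authority certificate held in the client's trust store. It assumes textbook RSA without padding and a flat record in place of real X.509 parsing; every name, key and host in it is constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, replace

E = 65537  # public exponent used by every toy key here

@dataclass
class Cert:
    subject: str
    issuer: str
    public_n: int        # subject's public modulus
    not_after: int       # expiry, Unix time
    signature: int = 0

def make_key(p, q):
    """Textbook RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(cert, n):
    """Hash the signed fields and reduce into the signer's modulus."""
    tbs = f"{cert.subject}|{cert.issuer}|{cert.public_n}|{cert.not_after}"
    return int.from_bytes(hashlib.sha256(tbs.encode()).digest(), "big") % n

def issue(cert, ca_n, ca_d):
    """CA side: sign the certificate fields with the CA private key."""
    return replace(cert, signature=pow(digest(cert, ca_n), ca_d, ca_n))

def authenticate_server(cert, host, trusted_cas, now):
    """Client side: accept only a certificate signed by a CA in the trust store."""
    ca = trusted_cas.get(cert.issuer)
    if ca is None:
        return "untrusted issuer"
    if pow(cert.signature, E, ca.public_n) != digest(cert, ca.public_n):
        return "bad signature"
    if now > cert.not_after:
        return "expired"
    if cert.subject != host:
        return "name mismatch"
    return "ok"

# Constructed sample data (toy keys built from Mersenne primes).
HOST, NOW, EXPIRY = "server.example", 1_700_000_000, 2_000_000_000
CA_N, CA_D = make_key(2**61 - 1, 2**89 - 1)
ROGUE_N, ROGUE_D = make_key(2**107 - 1, 2**127 - 1)
SERVER_N = (2**31 - 1) * (2**19 - 1)
ROOT = issue(Cert("Example Root CA", "Example Root CA", CA_N, EXPIRY), CA_N, CA_D)
TRUST_STORE = {ROOT.subject: ROOT}   # the CA certificates known to the client
REQUEST = Cert(HOST, "Example Root CA", SERVER_N, EXPIRY)
GOOD = issue(REQUEST, CA_N, CA_D)
FORGED = issue(REQUEST, ROGUE_N, ROGUE_D)   # claims the trusted issuer's name

if __name__ == "__main__":
    for name, cert in [("good", GOOD), ("forged", FORGED)]:
        print(name, authenticate_server(cert, HOST, TRUST_STORE, NOW))
```

The certificate that names the trusted issuer but was signed with a different key is rejected, because the check rests on the CA public key in the trust store rather than on the issuer name the certificate carries.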





Copyright IBM Corporation 1990, 2014