SSL over HTTPS provides a mechanism for mutual server-client authentication. This can be used as an alternative to more commonly used username/password based approach. In this post I am going to show how to set up client certificate authentication in ASP.NET Web API application and how to use delegating handlers to provide custom logic that handles certificates and allows to introduce arbitrary authentication mechanism (eg. role based authentication). I will also show how to import client certificates into XAML Windows Store app and how to use it to authenticate to a HTTP service.