So what is the difference between client and server Secure Sockets Layer (SSL) certificates? Although client certificates and SSL server certificates both use certificates, they are not directly related to each other. SSL server certificates provide encryption and security functionality. Client certificates provide user authentication functionality. The client certificate identifies the user, the server certificate identifies the server.
Here is the technical difference between the two. The difference lies in the Certificate Extensions. The X.509 standard defines what information can go into a certificate, and describes how to write it down (the data format). X.509 Version 3 is the most recent (1996) and supports the notion of extensions.
This tech note by Mozilla describes the Certificate Extensions in detail. But here are the extensions which are necessary for a client certificate:
basicConstraints = CA:FALSE
nsCertType = client
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth
If you want to know how to create such a client certificate, see my last blog entry.