> But there is a way in which the server sends a test( for example a random number) and the client signs it with his private key right? It's called mutual (or client-side) authentication and is part of the TLS protocol. The client must have an X.509-style certificate.