Thank you Mr.Laz. Now i understand. I do have another question amd i am trying to understand how it works. The subject is Certificate-Based Authentication.
I will try to explain and tell me if i am wrong. I looked in Internet to find an explanation but i don’t understand it so well.
So there is Certificate Authority and 2 devices. If i want to talk with a server, the PC will present his certificate who was signed By the CA. The server has also a certificate signed by the same CA. So when i want to talk with the server and i present my certificate then the server will check my certificate is really signed or not by the CA and its validity. If ok i am granted access to the network. But in the same time i will authenticate also the server, i think i do the same thing and i will look for the signature of the CA and its validity. Did i explain it well? How it works with the keys or the exchange. i am so sorry if i ask too much 
one last thing , why we really need to install a root CA in our devices?
Best regards
Mina