SSL Overview
Certificate
An SSL certificate contains the following information:
- Domain Name(s)
- Public Key
- Company
- Issue Date
- Expiry Date
- Issuer
And more
The client encrypts its messages with a public key supplied by the website; ONLY the server can decrypt them, using its private key.
NOTE: This private key must be stored in a safe location on the server, with the correct permissions, so that it is NOT accessible to anyone outside the server.
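One way to check the permissions the note above asks for, as an added example that is not part of the original page. It assumes a POSIX server and an owner-only policy for the key file; the function name `audit_private_key` and the file name `server.key` are hypothetical.

```python
import os
import stat
import tempfile

def audit_private_key(path):
    """Return a list of findings for a private key file; an empty list means OK."""
    findings = []
    st = os.lstat(path)  # lstat so a symlink is reported rather than silently followed
    if stat.S_ISLNK(st.st_mode):
        findings.append("path is a symlink; the target's permissions are what count")
        st = os.stat(path)
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file")
        return findings
    mode = stat.S_IMODE(st.st_mode)
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append(f"readable by group/other (mode {mode:04o})")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"writable by group/other (mode {mode:04o})")
    # A world-writable parent directory lets another local user replace the key file.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & stat.S_IWOTH and not parent.st_mode & stat.S_ISVTX:
        findings.append("parent directory is world-writable without the sticky bit")
    return findings

def demo():
    """Constructed sample: a placeholder key file, first too open, then tightened."""
    with tempfile.TemporaryDirectory() as d:
        key = os.path.join(d, "server.key")  # hypothetical file name
        with open(key, "w") as f:
            f.write("placeholder, not a real key\n")
        os.chmod(key, 0o644)  # common mistake: key left world-readable
        loose = audit_private_key(key)
        os.chmod(key, 0o600)  # owner read/write only
        tight = audit_private_key(key)
    return loose, tight

if __name__ == "__main__":
    loose, tight = demo()
    print("0644:", loose)
    print("0600:", tight)
```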
Step 2
To prevent a 'man-in-the-middle' attack on the certificate, the certificate is cryptographically signed with someone else's private key, so that the signature can be verified by anyone who has the corresponding public key.
= Certificate Authorities =
Certificate Authorities (CAs) sell the use of their private key as a service: they sign certificates for companies.
A private key from a vendor such as 'Thawte', 'Verisign', etc. can be used because nobody else can gain access to this key. NO one can forge their signature.