none
How Does the SSL Certificate Create a Secure Connection RRS feed

  • Question

  • i was reading that How Does the SSL Certificate Create a Secure Connection. i got few point but not very clear, those are as follows.

    1) Browser connects to a web server (website) secured with SSL (https). Browser  
       requests that the server identify itself.
    
    2) Server sends a copy of its SSL Certificate, including the server’s public key.
    
    3) Browser checks the certificate root against a list of trusted CAs and that the 
       certificate is unexpired, unrevoked, and that its common name is valid for the  
       website that it is connecting to. If the browser trusts the certificate, it 
       creates, encrypts, and sends back a symmetric session key using the server’s public
       key.
    
    4) Server decrypts the symmetric session key using its private key and sends back an
       acknowledgement encrypted with the session key to start the encrypted session.
    
    5) Server and Browser now encrypt all transmitted data with the session key.
    

    the last part of point 3 is not clear it creates, encrypts, and sends back a symmetric session key using the server’s public key.

    what browser create encrypt & transmit data with session key??

    the point 4

    Server decrypts the symmetric session key. what session key they are talking about? are talking about normal session like that when we request any page then a session start at server end ? looking for good explanation.

    handshake occur every time when request any web site from browser or handshake occur only when browser request any https page ?

    what is SSL handshake

    When a web browser (or client) points to a secured website, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it begins a secure session that protects message privacy, message integrity.

    this statement is not clear the server shares the public key with the client to establish an encryption method and a unique session key what they try to mean? looking for detail discussion. thanks

    Monday, April 7, 2014 6:24 PM

Answers

  • Hello,SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client (e.g., Outlook).

    SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server they can see and use that information.

    More specifically, SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines variables of the encryption for both the link and the data being transmitted.

    Thanks.

    • Marked as answer by Mou_kolkata Tuesday, April 8, 2014 7:08 PM
    Tuesday, April 8, 2014 10:37 AM
  • In Cryptography, SSL Certificate is known as Digital Certificate or electronics documents that is uses digital signature to bind public key with an identity information such as Name of a person or organization, residential address, email address, etc...

    When Browser Encounters SSL 

    • A browser attempts to connect to a website secured with SSL.
    • The browser requests that the web server identify itself.
    • The server sends the browser a copy of its SSL Certificate.
    • The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
    • The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
    • Encrypted data is shared between the browser and the server and https appears.

    For Detailed information Visit here - http://en.wikipedia.org/wiki/SSL_certificate

    • Marked as answer by Mou_kolkata Tuesday, April 8, 2014 7:08 PM
    Tuesday, April 8, 2014 12:46 PM

All replies

  • Hello,SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser; or a mail server and a mail client (e.g., Outlook).

    SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server they can see and use that information.

    More specifically, SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines variables of the encryption for both the link and the data being transmitted.

    Thanks.

    • Marked as answer by Mou_kolkata Tuesday, April 8, 2014 7:08 PM
    Tuesday, April 8, 2014 10:37 AM
  • In Cryptography, SSL Certificate is known as Digital Certificate or electronics documents that is uses digital signature to bind public key with an identity information such as Name of a person or organization, residential address, email address, etc...

    When Browser Encounters SSL 

    • A browser attempts to connect to a website secured with SSL.
    • The browser requests that the web server identify itself.
    • The server sends the browser a copy of its SSL Certificate.
    • The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
    • The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
    • Encrypted data is shared between the browser and the server and https appears.

    For Detailed information Visit here - http://en.wikipedia.org/wiki/SSL_certificate

    • Marked as answer by Mou_kolkata Tuesday, April 8, 2014 7:08 PM
    Tuesday, April 8, 2014 12:46 PM