SSL Certificates
Also known as SSL/TSL certificate, Digital Certificate, Public Key Certificate triggers the “little padlock” or green bar in the browser. It uses HTTPS for secure communication and certifies the ownership of a public key. The SSL is used for encrypting data sent between the browser and a remote server.
SSL stands for Secure Socket Layer, a cryptographic protocol for communication security. While TLS stands for Transport Layer Security.
A certificate content :
- Organization
- URL
-State, Country
-Valid date range
-Issuer
Its purpose is encryption, Identity, and trustworthiness.
Handshake and Cryptography:
Symmetric-key Cryptography
- Let’s you encrypt data using a password as decrypt data using the same password, therefore, symmetric-key is = the same key.
Public Key Cryptography
It’s asymmetric-key cryptography, a pair of mathematically linked numbers. A Public key and Private Key, the private key should always be kept secret and secure, on the other hand, the Public key can be shared widely. The Data Encrypted with the public key can only be decrypted with the private key.
SSL/TSL Handshake
A browser sends a request to a secure server, the server sends backs its SSL certificate, which includes the public and other data about the server’s identity. The browser confirms if the SSL certificate is valid and encrypt a very long password using the public key and sends it to the server.
The server decrypts the data using its private key and retrieves the password, here they use the shared password to encrypt all future communication with symmetric-key cryptography.
Then why switch over to symmetric-key cryptography when it’s doing with public-key cryptography?
Well, because it allows us to have the benefit of both technologies. Public-key cryptography is great for being able to communicate private communication fully in public. the problem is that the algorithms that do that are quite slow. Symmetric-key, on the other hand, can be difficult to send that key publicly, which makes it hard to share data anonymously over the internet, but once we have a shared key and the password that we can both work with, then it’s very fast.
An overview:
- SSL Certificate certifies ownership of a public key.
- Public Key is used to exchange passwords in public.
- The password is used to encrypt all data between the browser and the server.
- Password is temporary and can not be reused