docs: create Information
This commit is contained in:
parent
62a101ff4b
commit
5dbb3fdeb1
43
Information.md
Normal file
43
Information.md
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
---
|
||||||
|
title: SSL/TLS
|
||||||
|
description:
|
||||||
|
published: true
|
||||||
|
date: 2025-09-28T14:42:56.701Z
|
||||||
|
tags:
|
||||||
|
editor: markdown
|
||||||
|
dateCreated: 2025-09-28T14:42:56.701Z
|
||||||
|
---
|
||||||
|
|
||||||
|
# SSL/TLS
|
||||||
|
|
||||||
|
## CA
|
||||||
|
A provider which can sign certificates.
|
||||||
|
|
||||||
|
|
||||||
|
## Certificate
|
||||||
|
|
||||||
|
The CA provides a certificate and signs it with a digital signature using the private key of the CA.
|
||||||
|
|
||||||
|
```
|
||||||
|
f(certificate, CA Private Key) = signature
|
||||||
|
```
|
||||||
|
|
||||||
|
An SSL/TLS certificate (X.509 cert) contains
|
||||||
|
|
||||||
|
* The server’s public key
|
||||||
|
* The domain name(s) it’s valid for
|
||||||
|
* Validity period (start/end dates)
|
||||||
|
* Extensions (like usage constraints)
|
||||||
|
* A digital signature made by the issuer (CA)
|
||||||
|
|
||||||
|
The client request a certificate from a server and checks that the resulting hashes match. The CA public key is knwon to the browser prior.
|
||||||
|
|
||||||
|
```
|
||||||
|
f(signature, CA public key) = result hash
|
||||||
|
```
|
||||||
|
|
||||||
|
```
|
||||||
|
hash(certificate) = result hash
|
||||||
|
```
|
||||||
|
|
||||||
|
The the client uses the Servers public key taken from the CA certificate and sends a messages which can only be correctly decoded if the server has the correct private key
|
||||||
Loading…
x
Reference in New Issue
Block a user