Skip to content

Latest commit

 

History

History
executable file
·
52 lines (29 loc) · 1.74 KB

File metadata and controls

executable file
·
52 lines (29 loc) · 1.74 KB

TLS Basics

In this section we will take a look at TLS Basics.

Certificate

  • A certificate is used to guarantee trust between 2 parties during a transaction.

  • Example: when a user tries to access a web server, tls certificates ensure that the communication between them is encrypted.

    cert1

Symmetric Encryption

  • It is a secure way of encryption, but it uses the same key to encrypt and decrypt the data and the key has to be exchanged between the sender and the receiver, there is a risk of a hacker gaining access to the key and decrypting the data.

    cert2

Asymmetric Encryption

  • Instead of using a single key to encrypt and decrypt data, asymmetric encryption uses a pair of keys, a private key and a public key.

    cert3

    cert4

    cert5

    cert6

How do you look at a certificate and verify if it is legit?

  • who signed and issued the certificate.
  • If you generate the certificate then you will have to sign it by yourself, that is known as self-signed certificate.

cert7

How do you generate legitimate certificates? How do you get your certificates signed by someone with authority?

  • That's where Certificate Authority (CA) comes in for you. Some of the popular ones are Symantec, DigiCert, Comodo, GlobalSign etc.

    cert8

    cert9

    cert10

Public Key Infrastructure

pki

Certificates naming convention

cert11