Skip to main content

Posts

Showing posts from December, 2018

Bit on certificates

In continuation to my previous blog, here I'm writing something more on SSL. As we learnt that, one of the key components of SSL protocol is certificates. Certification is nothing but just a set of files which contains information like: Owner of the certificate Issuer of the certificate Validity of the certificate, etc.  Below is the sample certificate: Before moving ahead, let’s have a look at the primary elements of certificates:  Public Key:   This file with extension as .crt is installed on the server and is distributed freely to any client.  Private Key: This file with extension .key is installed on the server and kept secret and secure. The file of SSL certificate contains information for encrypting data, it does not expire or have any details regarding organization or domain name.  Signing Request:   This file with extension .csr is sent to certificate authority by an applicant while applying for

Is SSL and TLS same or different?

Yes, many people are using these terms interchangeably. But in today’s time, right term would be TLS. Well, understand what is this TLS and why do we really need it? Most of us are already aware that HTTP is a plain text protocol which doesn’t have its own transport security mechanisms. In other words, HTTP is a protocol which sends data to a server and gets a response without any built-in feature or mechanism to protect data packet against tampering. To protect our packet which is travelling through HTTP, some sort of secure tunneling is required and that secure tunneling is provided by a protocol called TLS a.k.a. SSL. Here HTTP and TLS comes together. Usually people associate SSL/TLS with encryption, but that is not the only feature SSL provides. There are few more features as: Server Authentication – It makes sure that communication with the right server is made Veracity Protection – It promotes integrity and makes sure that none in between is reading our dat