[Diagram: Client, TCP Connection Established, Server. Message layers: TCP, SSL Record, Handshake, carrying Change Cipher Spec and Finished.]
Figure 28 - Server Finished
The server decrypts the pre_master_secret and generates the master_secret. It then lets the client know that it is changing over to use the master_secret, and proves that it knows the master_secret by providing a cryptographic hash of all data sent over to the client.
Once the client and server both verify the cryptographic hashes, the handshake process is done and actual client data can be sent over the SSL/TLS connection.
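The Finished check described above, as an added example that is not part of the original document: it assumes the TLS 1.2 PRF from RFC 5246 (HMAC-SHA256), and the secrets, random values and handshake transcript are constructed sample values. The function names are illustrative.

```python
import hashlib
import hmac

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    out, a = b"", seed                      # a starts as A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def derive_master_secret(pre_master, client_random, server_random):
    """Both sides derive the same 48-byte master_secret."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)

def finished_verify_data(master, label, handshake_messages):
    """12-byte verify_data carried in the Finished message."""
    transcript_hash = hashlib.sha256(handshake_messages).digest()
    return prf(master, label, transcript_hash, 12)

def check_finished(master, label, handshake_messages, received):
    """Recompute verify_data locally and compare in constant time."""
    expected = finished_verify_data(master, label, handshake_messages)
    return hmac.compare_digest(expected, received)

# Constructed sample values (not from a real capture).
PRE_MASTER = b"\x03\x03" + bytes(range(46))
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
TRANSCRIPT = b"ClientHello|ServerHello|Certificate|ClientKeyExchange|ClientFinished"

def demo():
    master = derive_master_secret(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
    sent = finished_verify_data(master, b"server finished", TRANSCRIPT)
    return {
        "genuine": check_finished(master, b"server finished", TRANSCRIPT, sent),
        "tampered_transcript": check_finished(
            master, b"server finished", TRANSCRIPT + b"X", sent),
        "wrong_master": check_finished(
            derive_master_secret(bytes(48), CLIENT_RANDOM, SERVER_RANDOM),
            b"server finished", TRANSCRIPT, sent),
    }

if __name__ == "__main__":
    print(demo())
```

A Finished value only verifies when both the master_secret and every handshake byte match on the two sides, which is why a modified handshake message or a server that could not decrypt the pre_master_secret fails this check.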
Let’s see how SSL/TLS works in its most popular form: HTTPS.
Using HTTPS with HP Jetdirect
Before we begin, we need a little info on the setup. We have a RootCA with a subordinate CA called R2. The subordinate CA issues certificates to clients on the network. Refer to Figure 29 – CA Hierarchy.