C: Networking and Security
When a Web browser accesses a domain secured by SSL, an SSL handshake authenticates the server and client, and establishes an encryption method and a unique session key. Once this handshake has been completed, the client and server can begin a secure session that guarantees message privacy and message integrity.
SSL uses
Note: When uploading the certificate and the private key, be sure the private key is not compromised in transit.
The following steps summarize how SSL works:
1.A client contacts a server secured by SSL.
2.In response to the client request, the server sends its certificate to the client.
3.The client generates a master key, which it encrypts with the server's public key and transmits the encrypted master key back to the server.
4.The server recovers the master key and authenticates itself to the client by returning a message authenticated with the master key. Subsequent data is encrypted and authenticated with keys derived from this master key.
Digital Certificates
Authentication with SSL is achieved with a Digital Certificate issued and signed by a Certificate Authority (CA) and stored on the server. Without a certificate signed by a CA, the server cannot be reliably identified to the client, yet a connection can still proceed if allowed.
The Digital Certificate resides on a secure server and is used to encrypt data and identify the Web site. The Digital Certificate verifies that a site belongs to who it claims to belong to and contains information about the certificate holder, the domain that the certificate was issued to, the name of the Certificate Authority who issued the certificate, the root and the country it was issued in. In addition to proving the veracity of a site, the Digital Certificate provides the receiver with a way to encode a reply. Digital Certificates come in
There are two principal ways to obtain a Digital Certificate. It can be bought from a certificate vendor or a user can
EDS Device Servers User Guide | 160 |
