HPE Community
Operating System - Linux
1840139 Members
2501 Online
110161 Solutions
New Discussion

Re: just want to ask/verify the process of verification

 
SOLVED
Go to solution
Maaz
Valued Contributor

‎10-02-2005 02:39 AM

‎10-02-2005 02:39 AM

just want to ask/verify the process of verification

Dear Experts
I wana ask some questions
if i have got a Digital(SSL) certificate from a Reputed CA e.g VeriSign, for my company's website, what will happen when someone will visit my companys website ?

Is it true that ?
when client(browser) access the webserver(website), webserver will provide/show the Certificate to the client... then client will aoutomatically check/verify the certificate from the CA(VeriSign) ?

then when the client found the website is trusted(by checking with the CA) ... the webserver will provide the randomly generated public key, to the client, so that all communication will be encrypted via the use of public key ?

I just want to verify the above, from u Experts.

Any help will be highly appreciated

Regards
Maaz
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎10-02-2005 08:56 AM

‎10-02-2005 08:56 AM

Solution

Re: just want to ask/verify the process of verification

Besides the additional trust of having Verisign mentioned on it, there is little you get other than less money in your wallet.

The security of the data exchange would be no better or worse, in my opinion than if you generated a certificate yourself.

The liklihood of someone trusting and using your site might however be higher.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Ivan Ferreira
Honored Contributor

‎10-02-2005 04:57 PM

‎10-02-2005 04:57 PM

Re: just want to ask/verify the process of verification

The client will automatically accept the certificate because VeriSign is an trusted CA in the browser.

About the ramdom public key, I think is the client who generate a ramdom symetric key and encrypt it with the public key of the server.

Communication will be encrypted always if they access using https://

See:

http://www.tldp.org/HOWTO/SSL-RedHat-HOWTO-2.html
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.