SSL Certificate Flashcards
1
Q
what are SSL certificate
A
SSL or secure socket layer certificate is a small data file installed in the web server, used to encrypt the data exchanged between browser and server
2
Q
what are the components of a SSL certificate
A
there are 4 parts of SSL certificate
- certificate owner’s distinguished name
- certificate owner’s public key
- issuer’s distinguished key
- issuer’s digital signature
3
Q
what are the SSL certificate validation levels
A
- domain validation certificate
- organization validation certificate
- extended validation certificate
4
Q
what are the types of SSL certificate
A
- single name
- domain name
- multi-domain name
5
Q
what is TLS handshake
A
- TLS handshake or transport layer protocol handshake is a way in which browser and server communicates in a secure manner
- In TLS handshake
- client sends a client hello message that comprises of TLS version supported, cipher suits supported and a random number called client random
- server responds with a server hello message comprising of
- TLS cipher suit selected
- SSL certificate
- a random number called server random
- client verifies
- that the certificate is issued by distinguished issuer authority
- the digital signature
- the expiry
- the domain name
- the client generates a pre - master secret by using the public key that is obtained from SSL certificate
- the pre - master key is decrypted by server’s private key
- now using the client random, server random and pre-master key a session key is generated
- the client does the same
- now both server and client have same key
- this key is used to encrypt and decrypt the traffic payload
6
Q
what are HTTP cookies
A
Cookies are small text files which contains key, value and attributes; the cookie never exceeds 4 kb
7
Q
how many types of cookies are there
A
first party and third party
8
Q
based on validity how many cookies are there
A
session bound and permanent
