SSL (Secure Sockets Layer)

SSL (Secure Sockets Layer)

Ibrahim S Ibrahim S

Ibrahim S

Seeking Cloud Engineer | 2 Azure Certified | Skilled in Docker, Kubernetes, Azure DevOps |

发布日期: 2023年3月28日
+ 关注

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client — typically a web server (website) and a browser, or a mail server and a mail client.

No alt text provided for this image


SSL enables the secure transmission of sensitive information such as credit card numbers, social security numbers, and login credentials. Data sent between browsers and web servers is typically sent in plain text.

An attacker can see and use information if they are able to intercept all data sent between a browser and a web server.

All browsers can communicate with secured web servers via the SSL protocol. However, in order to establish a secure connection, both the browser and the server require what is known as an SSL Certificate.

?????? ???????? ?????? ?????? ?????????????????????? ???????????? ?? ???????????? ?????????????????????

A process known as a "SSL Handshake" is used by the browser and the web server to create an SSL connection when a browser tries to access a website that is protected by SSL.

领英推荐

To establish an SSL connection, three keys are used: the ????????????, ??????????????, and ?????????????? keys. Anything encrypted with the public key can only be decrypted with the private key, and the reverse is true.

No alt text provided for this image

Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.

Server sends a copy of its SSL Certificate, including the server’s public key.

The browser compares the certificate root to a list of trusted CAs and ensures that the certificate is not expired or revoked, and that its common name is valid for the website to which it is connecting. If the browser believes the certificate, it generates, encrypts, and returns a symmetric session key using the public key of the server.

Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.

Server and Browser now encrypt all transmitted data with the session key.

?????????? ?????? ?????? ??????????????.!!! ????

Spreading Knowledge Spreading Knowledge

Spreading Knowledge

5,802 位关注者

订阅
Binu S

Technical Architect, Collebera Digital Solutions, starting April 29, 2024.

1 年

Very useful
回复
1 次回应

要查看或添加评论,请登录

Ibrahim S的更多文章

  • Git - Interview question
    2024年1月29日

    Git - Interview question

    What is Git, and how does it differ from other version control systems? Answer: Git is an opensource version control…

    1 条评论
  • AWS - EKS
    2023年10月21日

    AWS - EKS

    Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service. Kubernetes is open source…

    1 条评论
  • Docker Volume
    2023年8月11日

    Docker Volume

    ??Docker volumes are used for data persistence in Docker. So if we have a database or state full application, we would…

  • Content Creators Need To Avoid on Linkedin Mistakes
    2023年7月11日

    Content Creators Need To Avoid on Linkedin Mistakes

    ?????????????????????? ???????? ????????????????: Your headline is the first thing people see. Craft a compelling and…

  • Kubeflow || SageMaker
    2023年6月17日

    Kubeflow || SageMaker

    Kubeflow and Amazon SageMaker are both popular platforms used in the field of machine learning but they differ in terms…

  • Power of Digital Marketing
    2023年6月13日

    Power of Digital Marketing

    In today's fast-paced digital landscape, businesses must adapt and embrace the power of digital marketing to thrive and…

    1 条评论
  • What is Virus ...?
    2023年5月25日

    What is Virus ...?

    A computer virus is a program or piece of code designed to damage your computer by corrupting system files, wasting…

    1 条评论
  • What Is Infrastructure as Code (IaC)?
    2023年5月22日

    What Is Infrastructure as Code (IaC)?

    Infrastructure-as-Code (IaC) tools automate the management of IT infrastructure using programming languages and…

  • Remote Code Execution Attack (RCE)
    2023年5月17日

    Remote Code Execution Attack (RCE)

    What is an RCE (Remote code execution) attack? It is a bug in a service receiving data from a network port that allows…

  • Active Directory - Azure
    2023年4月23日

    Active Directory - Azure

    Azure Active Directory (Azure AD) is a cloud-based identity and access management service. Azure AD enables employees…

社区洞察

其他会员也浏览了