A Brief Introduction to Secure Socket Layer (SSL) Technology
What issues arise?
1) Who are you speaking with?
2) Is Someone Listening to Your Conversation?
Two very real security issues for Internet correspondence arise.
2. Keeping your data safe and out of malicious hands during transit on the Internet.
SSL Details
SSL technology relies on the concept of public key cryptography to accomplish its tasks. In normal encryption, two communicating parties each share a password or key, and this is used to both encrypt and decrypt messages. While this is a very simple and efficient method, it doesn’t solve the problem of giving the password to someone you have not yet met or do not yet trust.
In public key cryptography, each party has two keys, a public key and a private key. Information encrypted with a person’s public key can only be decrypted with the private key and vice versa. Each user publicly tells the world what his public key is but keeps his private key for himself.
How SSL Works
Generating KEY file
root:/home# openssl genrsa -out domain.key 2048
Generating RSA private key, 1024 bit long modulus
....++++++
............++++++
e is 65537 (0x10001)
Generating server CRT certificate file.
root:/home# openssl req -new -key domain.key -out domain.crt
Enter pass phrase for domain.key: Key Password
Country Name (2 letter code) [AU]:IN // Country Code
State or Province Name (full name) [Some-State]:Tamilnadu // State
Locality Name (eg, city) []:Chennai // City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:9lessons
Organizational Unit Name (eg, section) []:software
Common Name (eg, YOUR name) []:www.domain.com //
Email Address []:admin@domain.com // Domain Verification
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:SSL Password // No special characters
An optional company name []:egglabs
Copy files in XAMPP directories
root:/home# cp ssldomain.crt /opt/lampp/etc/ssl.crt/ssldomain.crt
root:/home# cp domain.key /opt/lampp/etc/ssl.key/domain.key
Enable SSL extension in /opt/lampp/etc/httpd.conf
LoadModule ssl_module modules/mod_ssl.so
Modify a Virtual Host /opt/lampp/etc/extra/httpd-ssl.conf
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/opt/lampp/htdocs"
ServerName www.domain.com
ServerAdmin admin@domain.com
ErrorLog /opt/lampp/logs/error_log
TransferLog /opt/lampp/logs/access_log
# Enable SSL/TLS for this virtual host:
SSLEngine on
# Server Certificate:
SSLCertificateFile /opt/lampp/etc/ssl.crt/ssldomain.crt
# Server Private Key:
SSLCertificateKeyFile /opt/lampp/etc/ssl.key/domain.key
# Certificate Authority (CA):
SSLCACertificateFile /opt/lampp/etc/ssl.crt/ca.crt
</VirtualHost>
I. Obtaining an SSL Certificate
XYZ Inc. intends to secure its customer checkout process, account management, and internal employee correspondence on its website, xyz.com.
II. How Customers Communicate with the Server using SSL
Step 1: A customer makes a connection to xyz.com on an SSL port, typically 443. This connection is denoted with https instead of http.
Step 2: xyz.com sends back its public key to the customer. Once the customer receives it, his/her browser decides whether it is all right to proceed.
The xyz.com public key must NOT be expired
The xyz.com public key must be for xyz.com only
Step 6: Customer and website can now securely exchange information.
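The two browser checks listed under Step 2 (not expired, issued for this site only) and the key/certificate pairing from the XAMPP setup above can be verified on the server before the files are copied into place. This is an added example, not part of the original article: the function names, the temporary sample files and the 1-day self-signed certificate are constructed for illustration, and it assumes the openssl command is installed (-checkhost needs OpenSSL 1.0.2 or later).

```shell
#!/bin/sh
# Checks to run on the key and certificate before copying them into XAMPP.
# Function names and the sample files are constructed for this example.

# True only if FILE parses as an X.509 certificate. The output of
# "openssl req -new" without -x509 is a certificate request and fails here.
is_certificate() {
    openssl x509 -in "$1" -noout 2>/dev/null
}

# True if the public half of KEY equals the public key inside CERT.
key_matches_cert() {
    kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    cpub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ "$kpub" = "$cpub" ]
}

# True if CERT is still valid SECONDS from now (default: right now).
not_expired() {
    openssl x509 -in "$1" -noout -checkend "${2:-0}" >/dev/null 2>&1
}

# True if CERT was issued for HOST (subjectAltName, else Common Name).
issued_for() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null | grep -q 'does match'
}

# Run every check; stop at the first failure and name it.
check_install() {   # KEY CERT HOST
    is_certificate "$2"        || { echo "FAIL: $2 is not a certificate"; return 1; }
    key_matches_cert "$1" "$2" || { echo "FAIL: key does not match certificate"; return 2; }
    not_expired "$2"           || { echo "FAIL: certificate expired"; return 3; }
    issued_for "$2" "$3"       || { echo "FAIL: certificate not issued for $3"; return 4; }
    echo "OK: $2 can be installed for $3"
}

# Constructed sample input: a key, a request, and a 1-day self-signed certificate.
make_samples() {    # DIR
    openssl genrsa -out "$1/domain.key" 2048 2>/dev/null &&
    openssl req -new -key "$1/domain.key" -subj "/CN=www.domain.com" -out "$1/domain.csr" 2>/dev/null &&
    openssl req -new -x509 -key "$1/domain.key" -subj "/CN=www.domain.com" -days 1 -out "$1/ssldomain.crt" 2>/dev/null
}

tmp=$(mktemp -d) && make_samples "$tmp" &&
check_install "$tmp/domain.key" "$tmp/ssldomain.crt" www.domain.com
```

Against real files, call check_install with the paths used in httpd-ssl.conf and the ServerName; a non-zero return code identifies which check failed.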
Uses for SSL Secure Socket Layer Technology