ExpertRefresh

SSL

1) What is SSL?





2) What a certificate CA contains?







SSL is cryptographic protocol for secure comunications. How does SSL work?
Client initiate a connection Server sends back un encrypted certificate Certificate contains server name, certificate authority, public key Client decrypt the certificate using the public key Client checks CA against his browser CA trusted list Client encrypts a secret number, using public key Server decrypt secret number Now both parts have the secret number
OpenSSL
Install & use on Linux //howto/ssl-cert-howto.php Install & use on Windows Heartbleed Bug (OpenSSL) !bA6BzX When users are connecting to a server, the memory is recycled. A hacker may be able to make a request beyond the size of his request. Firesheep (Firefox add-on) Is an add-on that demonstrate how big the problem is.