Certificate Authority:
A certificate authority (CA) issues certificates and verifies the identity of their owner. It is part of the public key infrastructure (PKI). These certificates help users trust a website by confirming that it is secure and a trusted party. CSR stands for Certificate Signing Request.
Whenever a CSR is sent to the certificate authority, it is sent along with the public key and other specific information possessed only by the owner. The CA then verifies the identity of the owner using the information the owner provided. It then issues a certificate containing the public key, stating that the owner is legitimate and can be trusted. This certificate is signed by the CA and is usually known as a signed certificate.

TLS/SSL are protocols used to improve security in the network. They use X.509 certificates and an asymmetric-key algorithm. Once a session is established using these protocols, communication in both directions is encrypted. These protocols are widely used for applications such as mail, VoIP and messaging. They are highly secure because they use session keys for each session: even if a particular session has been compromised, the earlier conversations cannot be retrieved. There is a long-term public and secret key, and a short-term key for the sessions. Since these protocols use X.509 certificates, they require a CA and PKI to verify the users and to issue certificates. TLS/SSL protocols are invoked at the session layer and operate at the presentation layer. Layer 5 initiates the session along with the cipher settings and session key. Layer 6 encrypts the data using the cipher and session…

These protocols can function with each other, so it is necessary for the client to ask the server to start a TLS connection. The client can make sure that a TLS connection is set up using one of two methods: either by using a port number assigned to these connections, or by telling the server to use TLS through a specific protocol mechanism. After the server and client decide to use TLS, they exchange information that is used to improve the security of the connection. The client and the server exchange the SSL-related parameters using SSL. The server also sends its certificate and initiates a CSR for the client certificate.
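The issuance and verification steps described above, as an added example using the openssl command line (not part of the original essay): a CA is created, an owner generates a key pair and a CSR, the CA signs it, and a client checks the result against the CA it trusts. The names `Example Test CA` and `www.example.test` and the directory layout are constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added example: CSR -> CA signature -> client-side verification (openssl CLI).
# "Example Test CA" and "www.example.test" are constructed placeholder names.

# Create a CA in directory $1: private key plus self-signed root certificate.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
        -subj "/CN=Example Test CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Owner side: generate a key pair and a CSR for subject $2 in directory $1.
# The CSR carries the public key and is signed with the matching private key.
make_csr() {
    openssl req -new -newkey rsa:2048 -nodes -sha256 -subj "/CN=$2" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null
}

# CA side: check the CSR's self-signature, then sign it into a certificate.
# Usage: sign_csr <ca_dir> <csr_file> <cert_out>
sign_csr() {
    openssl req -in "$2" -noout -verify >/dev/null 2>&1 || return 1
    openssl x509 -req -in "$2" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -sha256 -days 30 -out "$3" 2>/dev/null
}

# Client side: accept the certificate only if it chains to the trusted CA.
# Usage: verify_cert <trusted_ca_cert> <cert>
verify_cert() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Demo run in a throwaway directory that is removed on exit.
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
mkdir "$work/ca" "$work/owner"
make_ca "$work/ca"
make_csr "$work/owner" "www.example.test"
sign_csr "$work/ca" "$work/owner/server.csr" "$work/owner/server.crt"
if verify_cert "$work/ca/ca.crt" "$work/owner/server.crt"; then
    echo "certificate chains to the trusted CA"
fi
# Show who the certificate names and who vouched for it.
openssl x509 -in "$work/owner/server.crt" -noout -subject -issuer
```

The owner's private key never leaves the `owner` directory; only the CSR goes to the CA. A certificate checked against a CA the client does not trust fails `verify_cert`, even if that CA uses the same name.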
After receiving the certificate, the client verifies the information in the certificate with the CA. Once the client has established that the server can be trusted and that a secure connection can be set up with it, the client generates a session key and encrypts it with the public key of the server, which is included in the certificate. In some situations, the server has to verify the client and asks for client-specific information. The client then sends its own certificate along with data signed with its information. The server verifies the client information. If the information is legitimate, the server then generates the session key. If the client cannot be trusted, the session is