How is SSL implemented?

240
December 12, 2017, at 00:48 AM

I was reading about SSL and I was wondering about the details of its implementation. I have been reading about it online for a while now but I still do not understand it so I was hoping someone could please clarify my doubts for me.

Let us consider a scenario where a client wants to login to a bank (server) and we have a CA that can help with the authentication process. The client needs to authenticate the server so it does not give away sensitive data to an imposter. My questions are:

  1. Given that the server has a public and private key how does the CA issue a certificate for the server?
  2. I have been looking online at the documentation and I have seen two repositories to store keys/certificates - the keystore and the truststore. Based on my current understanding, the client has the trust store which stores the CA's Certificate (containing the public key of the CA) and the server has the Key Store that stores its private/public keys and the certificate issued by the CA. Is this correct?
  3. How exactly does the client get the certificate of the CA? I know it needs this to verify the server certificate but how is this distributed in the first place? Also whats preventing a malicious user from forging his own version of the CA certificate and sending it to the client?
READ ALSO
maven downloaded jars for multiple projects

maven downloaded jars for multiple projects

I'm learning maven build process

223
How to use an SQL Query with multiple joins and count with hibernate

How to use an SQL Query with multiple joins and count with hibernate

I have a Java Spring MVC web application which uses hibernateI am trying to retrieve data from multiple tables using SQL join and also count of rows based on few conditions using a single query

162
How to output a mysql query in Talend without executing it

How to output a mysql query in Talend without executing it

I am new to TalendOS/DII'd like to export a mysql query as a

207