SSL Decoded!

Everything you need to know about Secure Sockets Layer.

A Thread 👇
What is SSL?

It’s a protocol for encrypting and securing communications that take place on the Internet. It was replaced some time ago by an updated protocol called TLS (Transport Layer Security).
The main use case for SSL/TLS is securing communications between a client and a server, but it can also secure email, VoIP, and other communications over unsecured networks.
Why use SSL?

If details such as email IDs, user IDs, passwords, and credit/debit card and bank account details are transmitted over an unprotected protocol, there is a significant risk of such private information falling into the hands of cybercriminals.
Such interception of data being transmitted is called a Man-in-the-middle (MITM) attack.

That’s the reason we need to protect this process of Data Transmission.
What is an SSL certificate?

An SSL certificate is a file installed on a website’s origin server. It’s simply a data file containing the public key and the identity of the website owner, along with other information: basically, the details of the party to whom the certificate has been issued.
The information includes:

Domain Name, Certificate Validity Period, Certificate Authority, Public Key, Key Algorithm, Certificate Signature Algorithm, SSL/TLS Version, Thumbprint Algorithm, Name of Organization, Website Owner, Address.

Without an SSL certificate, a website’s traffic can’t be encrypted with TLS.
What Does an SSL Certificate Do?

The SSL protocol determines the encryption for both the link and the data being transmitted. Browsers can interact with secured web servers using the SSL security protocol, but to do that they need the SSL certificate to establish a secure connection.
The most common use of SSL certificates is secure web browsing via the HTTPS protocol.
What Is Encryption?

As we know, SSL certificates facilitate encryption.

But what is that?
If you send any data on an HTTPS-enabled website, that piece of information is converted into an unreadable string of characters.
For example, if your password is 1234, then it might be converted into something like ^%jfdgrt5/*u. This makes it virtually impossible for any hacker to interpret the information, even if they manage to intercept the data somehow.
How does SSL/TLS work?

Let’s understand it with a very simple example.

When you access a website, communication takes place between the web browser of your PC or mobile device and the web server of the website. Information is then transferred from both sides.
Then the SSL/TLS handshake comes into the picture. TLS handshakes occur after a TCP connection has been opened via a TCP handshake. A TLS handshake also happens whenever any other communications use HTTPS, including API calls and DNS over HTTPS queries.
What is an SSL/TLS handshake?

TLS communication sessions begin with a TLS handshake.

Browser connects to the server, secured with SSL/TLS (https).
The server sends a copy of the SSL certificate, including the public key.
The browser checks the certificate and if it is valid it creates, encrypts, and sends back a symmetric session key using the server’s public key.
The server decrypts the symmetric session key using its private key and sends back an encrypted session key to start the encrypted session.
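
The key exchange in the steps above, worked through as an added example (not code from the original thread). It assumes unpadded RSA over a small constructed key and a SHA-256 keystream standing in for the real ciphers, and it skips the certificate check in step 3; all function names are illustrative.

```python
import hashlib
import secrets

# Constructed demo key pair built from two Mersenne primes. Illustration only:
# real certificates carry 2048-bit+ RSA or ECDSA keys and real TLS pads RSA input.
# This RSA key-transport flow matches TLS 1.2 and earlier; TLS 1.3 removed it.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                    # public key, sent inside the certificate
D = pow(E, -1, (P - 1) * (Q - 1))      # private key, never leaves the server


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts. Not a substitute for AES-GCM."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def browser_wrap_session_key(n: int, e: int):
    """Step 3: browser creates a session key and encrypts it to the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return session_key, wrapped


def server_unwrap_session_key(wrapped: int) -> bytes:
    """Step 4: server recovers the session key with its private key."""
    return pow(wrapped, D, N).to_bytes(16, "big")


def run_handshake(request: bytes):
    """Run steps 2-4, then send one record protected by the session key."""
    # Step 2 already happened: the server sent (N, E) in its certificate.
    browser_key, wrapped = browser_wrap_session_key(N, E)
    server_key = server_unwrap_session_key(wrapped)
    on_wire = stream_xor(browser_key, request)    # what an eavesdropper captures
    received = stream_xor(server_key, on_wire)    # what the server reads
    return browser_key, server_key, on_wire, received


if __name__ == "__main__":
    b_key, s_key, wire, got = run_handshake(b"password=1234")
    print("keys match:", b_key == s_key)
    print("on the wire:", wire.hex())
    print("server read:", got)
```
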
How does a website get an SSL certificate?

Website owners need to obtain an SSL certificate from a certificate authority, and then install it on their web server (often a web host can handle this process).
A certificate authority is an outside party who can confirm that the website owner is who they say they are. They keep a copy of the certificates they issue.
What is the difference between HTTP and HTTPS?

The S in “HTTPS” stands for “secure.” HTTPS is just HTTP with SSL/TLS. A website with an HTTPS address has a legitimate SSL certificate issued by a CA, and traffic to and from that website is authenticated and encrypted with the SSL/TLS protocol.
Where to find trusted certificate authority details on a Browser?

Here I am taking the example of Chrome on Windows -
How does my browser inherently trust a CA?

Your browser (and possibly your OS) ships with a list of trusted CAs. These pre-installed certificates serve as trust anchors from which all further trust is derived.
When visiting an HTTPS website, your browser verifies that the trust chain presented by the server during the TLS handshake ends at one of the locally trusted root certificates.
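
A program acting as a TLS client only gets the chain check described above if its configuration asks for it. The following added example (not from the original thread) uses Python's standard `ssl` module to audit a client context, with a hardened setup beside the one often pasted to silence certificate errors; the function names are illustrative.

```python
import ssl


def audit_client_context(ctx: ssl.SSLContext) -> list:
    """List the settings that leave a client open to man-in-the-middle attacks."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("chain not verified against trust anchors")
    if not ctx.check_hostname:
        findings.append("certificate name not matched to the host")
    # MINIMUM_SUPPORTED compares lower than every named version, so a floor
    # left to the library default is reported as well.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2")
    return findings


def hardened_context() -> ssl.SSLContext:
    """Client context that behaves like the browser check described above."""
    # Loads the OS trust store and enables CERT_REQUIRED plus hostname matching.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # refuse SSLv3, TLS 1.0, TLS 1.1
    return ctx


def weak_context() -> ssl.SSLContext:
    """Context with verification switched off: any certificate is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # has to be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_context()), ("weak", weak_context())):
        print(name, audit_client_context(ctx) or "no findings")
```
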
Do root certificates expire?

Root certificates do expire, but they tend to have exceptionally long validity times (often about 20 years). You can expect that with an update of your browser or OS, you will get fresh root certificates before the old ones expire.
Hope you like the thread!

Please retweet and follow me for more such content.
