Presentation is loading. Please wait.

Presentation is loading. Please wait.

Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE

Published byBabette Stieber Modified over 5 years ago

Similar presentations

Presentation on theme: "Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE"— Presentation transcript:

1 Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
Unit - 5 Chap – 3 SSL

2 Creating a Secure Server with SSL
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Creating a Secure Server with SSL The Internet is a much less secure place than it used to be. If the Web site you administer will be used for electronic commerce or for exchanging any type of information that needs to kept private, these transactions need to be secure. SSL-enabled Web sites use a different URL prefix, https, to indicate that HTTP protocol request and document transfers are encrypted.

3 and how to create a self-signed certificate.
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Secure Sockets Layer (SSL) is used to encrypt communications between your Web server and Web clients. It gives an overview of SSL, describes how digital certificates fit into the security picture, and how to create a self-signed certificate.

4 Understanding SSL and Server Certificates
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Understanding SSL and Server Certificates One key is public, accessible to everyone; the other key is private, so only you or another authorized person can access it. Either key can be used to encrypt or decrypt data. The public key is part of the certificate, which is how the certificate is used to verify data sent to and received from the server.

5 Understanding SSL and Server Certificates
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Understanding SSL and Server Certificates If a key is public, if (theoretically) everyone knows the public key, how can it be used for secure communication? Data encrypted with the public key can be decrypted only with the private key, which only you know. So, anyone can send you data encrypted with the public key but only you will be able to decrypt it because only you know the private key.

6 Understanding SSL and Server Certificates
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Understanding SSL and Server Certificates Likewise, data encrypted with your private key can be decrypted only by the public key. If only you know the private key, recipients of encrypted data can be confident that a message or other data has come from you and not from someone impersonating you.

7 Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
Digital certificates Digital certificates work on two simple principles, encryption and trust: 1. SSL encrypts the communication between a Web server and a Web client to ensure that the data exchange has not been altered during transmission and to make it more difficult to steal sensitive data if the data exchange is intercepted. Encryption increases the difficulty of deciphering a captured data stream.

8 Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
Digital certificates Digital certificates provide a certain level of assurance, or trust, that the identities behind a Web server and a Web client are genuine, that is, that a Web server or client is not being operated by an impostor or fraud. Depending on the type of certificate in use, a digital certificate issued by a recognized and trusted certificate authority (CA) means that the CA has taken steps to verify the identity of the organization or entity operating a Web site. As a result, a digital certificate provides a reasonable degree of certainty that a Web site is in fact operated by the organization or entity that claims to operate it.

9 Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
Digital certificates A certificate contains information about the certificate owner, including the following: The owner’s address The owner’s name How the certificate can be used How long the certificate is valid The address of the Web site for which the certificate has been issued The public key associated with the certificate A message digest (also known as hash) to use to confirm that the certificate has not been altered since it was issued

10 Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE
Creating a Self-Signed Certificate Creating a self-signed digital certificate on Fedora Core and RHEL systems is simple and straightforward. Use the following procedure (as the root user): 1. Change directories to /etc/pki/tls/certs: # cd /etc/pki/tls/certs 2. Create a key pair: # make genkey umask 77 ; \ /usr/bin/openssl genrsa -des > /etc/pki/tls/private/localhost.key Generating RSA private key, 1024 bit long modulus e is (0x10001)

11 Verifying - Enter pass phrase:
Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE Enter pass phrase: Verifying - Enter pass phrase: This step creates public and private keys that will be used to encrypt and decrypt data streams sent to and from the server. Use a pass phrase that will be easy to remember but difficult for others to guess. The generated key file will be /etc/pki/tls/private/localhost.key. 3. If you are going to obtain a digital certification from a CA, you need to create a certificate signing request (this step is optional for self-signed certificates): # make certreq umask 77 ; \ /usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key - out /etc/pki/tls/certs/localhost.csr Enter pass phrase for /etc/pki/tls/private/localhost.key: You are about to be asked to enter information that will be incorporated Configuring a Web Server 549

Download ppt "Created by : Ashish Shah, J.M. PATEL COLLEGE OF COMMERCE"

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.

1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”

CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.

03 December 2003 Public Key Infrastructure and Authentication Mark Norman DCOCE Oxford University Computing Services.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
SSL Technology Overview and Troubleshooting Tips.

SSL Technology Overview and Troubleshooting Tips.
Digital Certificates. What is a Digital Certificate? A digital certificate is the equivalent of your business card in the e-commerce world. It says who.

Digital Certificates. What is a Digital Certificate? A digital certificate is the equivalent of your business card in the e-commerce world. It says who.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Similar presentations

Ads by Google