Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Sockets Layer (SSL) Fred Schank Kevin Wetter.

Published byMaryann Parks Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Sockets Layer (SSL) Fred Schank Kevin Wetter."— Presentation transcript:

1 Secure Sockets Layer (SSL) Fred Schank Kevin Wetter

2 Introduction SSL – Where does it fit in? SSL – Where does it fit in? SSL Handshake Process SSL Handshake Process Handling Certificates Handling Certificates Example Example

3 SSL Non-secure request Secure request

4 Ciphers No encryption No encryption Stream Ciphers Stream Ciphers RC4 with 40-bit keys RC4 with 40-bit keys RC4 with 128-bit keys RC4 with 128-bit keys CBC Block Ciphers RC2 with 40 bit key DES with 40 bit key DES with 56 bit key Triple-DES with 168 bit key Idea (128 bit key) Fortezza (96 bit key)

5 SSL Handshake

6 Certificates Digital form of identifying a node Digital form of identifying a node Comprised of: Comprised of: Location Info Location Info Name Info Name Info Fingerprint Info Fingerprint Info CA Info CA Info

7 Certificate Authorities (CA’s) Issues certificates to “trusted” sites for a fee Issues certificates to “trusted” sites for a fee Common CA’s Common CA’s Verisign Verisign InterSSL InterSSL WorldTrust WorldTrust NOTE: Anyone can act as a CA NOTE: Anyone can act as a CA popular browsers only trust certain CA’s popular browsers only trust certain CA’s

8 Issuing a Certificate Create a “request for signing”: Create a “request for signing”: #> openssl req -new > new.cert.csr #> openssl req -new > new.cert.csr Remove passphrase from key: Remove passphrase from key: #> openssl rsa -in privkey.pem -out new.cert.key #> openssl rsa -in privkey.pem -out new.cert.key Sign the certificate: Sign the certificate: #> openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365 #> openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365

9 Configuring Apache /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf SSL config file for Apache SSL config file for Apache Changes Changes SSLCertificateFile /etc/httpd/conf/ssl.crt/new.cert.cert SSLCertificateFile /etc/httpd/conf/ssl.crt/new.cert.cert Specifies where server’s certificate is Specifies where server’s certificate is SSLCertificateKeyFile /etc/httpd/conf/ssl.crt/new.cert.key SSLCertificateKeyFile /etc/httpd/conf/ssl.crt/new.cert.key Specifies where server’s private key is Specifies where server’s private key is

10 Example http://134.198.161.101

Download ppt "Secure Sockets Layer (SSL) Fred Schank Kevin Wetter."

Similar presentations

Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
SSL Implementation Guide Onno W. Purbo

SSL Implementation Guide Onno W. Purbo
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Introduction to OpenSSL Jing Dalhousie University.

Introduction to OpenSSL Jing Dalhousie University.
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.

Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
Chapter 8 Web Security.

Chapter 8 Web Security.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.

TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.

Similar presentations

Ads by Google