Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.

Published byJeffry Wilcox Modified over 9 years ago

Similar presentations

Presentation on theme: "Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District."— Presentation transcript:

1 Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District

2 WHAT ARE WE HERE for?

3 WHAT’S A Digital Certificate? A (digital) form of identification –Drivers License –Passport Provides “information” about identity –Contains the public key of the entity identified in the certificate –The public key is matched to an identity and guaranteed by the issuer (Certificate Authority)

4 Certificate Uses Personal –Used to identify/validate individuals Server –Used to verify its identity to users –Bases for encryption Software Publisher –Used to sign/verify software Authority –Used to verify “signed” certificates

5 Certificate “Flavors” Public –Public signed certificate leveraging the PKI (Public Key Infrastructure) Private –Self generated/signed Wild Card –Used to represent a domain rather then a site Secure –40 to 256 bit encryption Secure Pro –128 to 256 bit encryption Extended Validation (EV) –Triggers the green address bar

6 Makeup of a Certificate Version number: X.509 standard Serial number –Uniquely identifies the certificate Certificate algorithm identifier –Key algorithm used to sign the certificate Issuer Validity period –The start (Valid from) and expiration date (Valid to) Subject –Name of the owner

7 Makeup of a Certificate Subject public key information –The owners public key and its algorithms Issuer unique identifier Subject unique identifier –Unique identifier of the certificate owner Extensions –Additional information related to the use and handling Certification authority's digital signature –Digital signature made with the certification authority's private key

8 Certificate Verification Certification Authority’s Name Your Identification Information Your Public Key Value Certification Authority’s Digital Signature Certificate Authority’s Public Key Message Digest

9 Certificate Verification

10 WHERE to GET CERTIFICATES www.verisign.com www.godaddy.com www.thwart.com Generate your own

11 How to Get Certificates Generate a request from the server Send the request to the certificate authority (CA) The certificate authority (CA) verifies your identity The certificate authority (CA) signs the certificate and returns it You install the certificate on your server

12 COMMON ERRORS Outside valid dates Site name does not match –Custom URL –Redirect Cannot be validated against the CA Common with self signed certificates Key does not match

13 SSL/TLS Secure Socket Layer – SSL Transport Layer Security – TLS Really what we are talking about is encryption that provides cryptographic security over network infrastructure like the Internet Encrypts the end-to-end segments of the connections at the Transport Layer (UDP/TCP) Commonly used to secure application protocols like HTTP, SMTP, ETC

14 SSL/TLS Link Network Transport Application Telnet, FTP, SMTP, HTTP TCP UDP IP, ICMP, IGMP Network interface and device driver TLS/SSL ENCAPSULATION

15 SSL/TLS

16 Questions?

Download ppt "Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
CP3397 ECommerce.

CP3397 ECommerce.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Cryptography and Network Security

Cryptography and Network Security
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
More Trick For Defeating SSL

More Trick For Defeating SSL
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,

 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Similar presentations

Ads by Google