What is the way ssl generates session key
The way ssl generates a session key is to randomly generate it from the client and notify the server after encrypting it; ssl and its successor transport layer security is a security protocol that provides security and data integrity for network communications; TLS Encrypt network connections between the transport layer and application layer with SSL.
Recommended: "Programming Video"
The way ssl generates a session key is randomly generated by the client and Notify the server after encryption.
SSL (Secure Sockets Layer) and its successor Transport Layer Security (TLS) are a security protocol that provides security and data integrity for network communications. TLS and SSL encrypt network connections between the transport layer and the application layer.
The specific process of two-way authentication SSL protocol
① The browser sends a connection request to the security server.
② The server sends its own certificate and certificate-related information to the client browser.
③ The client browser checks whether the certificate sent by the server is issued by the CA center it trusts. If it is, continue to execute the agreement; if not, the client's browser will give the client a warning message: warn the client that this certificate is not trustworthy, and ask the client if it needs to continue.
④ Then the client browser compares the information in the certificate, such as the domain name and public key, with the relevant message just sent by the server. If they are consistent, the client browser recognizes the legal identity of the server.
⑤ The server requires the client to send the client's own certificate. After receiving it, the server verifies the client's certificate. If it fails the verification, it refuses the connection; if it passes the verification, the server obtains the user's public key.
⑥ The client browser tells the server the communication symmetric encryption scheme it can support.
⑦ The server selects the password scheme with the highest degree of encryption from the password scheme sent by the client, encrypts it with the client's public key and notifies the browser.
⑧ For this password scheme, the browser selects a call key, then encrypts it with the server's public key and sends it to the server.
⑨ The server receives the message sent by the browser, decrypts it with its own private key, and obtains the call key.
⑩ The subsequent communication between the server and the browser uses a symmetric encryption scheme, and the symmetric key is encrypted.
The commonly used https is not two-way, there is no ⑤
This problem occurs at ⑧
The above is the detailed content of What is the way ssl generates session key. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
Can't wait for universal controls? Now share your keyboard and mouse between Mac, PC with Barrier
Apr 14, 2023 pm 12:04 PM
How to Share Keyboard and Mouse Between Mac/PC Using Barrier You need to make sure that the computers you want to share your mouse and keyboard with are on the same network, and you'll be switching back and forth between different Macs during the initial setup. Get the latest version of Barrier here (DMG for Mac, exe for Windows) – Download it to each computer you want to be able to use your keyboard and mouse Install Barrier from the DMG (or use the exe to Windows) Copy to the /Applications folder on each Mac you plan to use it on and right-click Barr
After Java8 (291), TLS1.1 is disabled and JDBC cannot connect to SqlServer2008 using SSL. How to solve the problem?
May 16, 2023 pm 11:55 PM
After Java8-291, TLS1.1 is disabled, so that JDBC cannot connect to SqlServer2008 using SSL. What should I do? The following is the solution to modify the java.security file 1. Find the java.security file of jre. If it is jre, go to {JAVA_HOME}/jre/ In lib/security, for example????C:\ProgramFiles\Java\jre1.8.0_301\lib\security. If it is the Eclipse green installation-free portable version, search for java.security in the installation folder, such as????xxx\plugins \org
How to implement SSL passthrough in HAProxy
Mar 20, 2024 am 09:30 AM
Keeping web servers load balanced is one of the key measures to prevent downtime. Using a load balancer is a reliable approach, with HAProxy being a highly regarded choice. Using HAProxy, you can accurately configure the load balancing method and support SSL passthrough to ensure the security of communication between the client and the server. It starts by exploring the importance of implementing SSL passthrough in HAProxy, followed by a detailed discussion of the steps required to implement this feature and an example for better understanding. What is SSL passthrough? Why is it important? As a load balancer, HAProxy accepts and distributes the load flowing to your web servers across configured servers. Load distribution is targeted to client devices and
MySQL: Introduction to SSL connection and setup steps
Sep 08, 2023 pm 03:51 PM
MySQL: Introduction to SSL connection and summary of setup steps: MySQL provides SSL (SecureSocketsLayer) connection to encrypt the data transmitted between the client and the server. This article will introduce the concept and role of SSL connections, and provide steps and related code examples to set up SSL connections in MySQL. Introduction: As networks and data transmission continue to expand, data security becomes more and more important. By using an SSL connection we can add
Nginx with SSL: Configure HTTPS to protect your web server
Jun 09, 2023 pm 09:24 PM
Nginx is a high-performance web server software and a powerful reverse proxy server and load balancer. With the rapid development of the Internet, more and more websites are beginning to use the SSL protocol to protect sensitive user data, and Nginx also provides powerful SSL support, making the security performance of the web server even further. This article will introduce how to configure Nginx to support the SSL protocol and protect the security performance of the web server. What is SSL protocol? SSL (SecureSocket
How to use Nginx proxy server to implement dynamic SSL certificate generation for web services?
Sep 05, 2023 pm 02:24 PM
How to use Nginx proxy server to implement dynamic SSL certificate generation for web services? Nginx is a high-performance open source web server that can be used for various purposes such as proxy server, reverse proxy and load balancing. Its flexibility allows us to utilize its powerful features to achieve dynamic SSL certificate generation to provide more secure and flexible web services. This article will introduce in detail how to use the Nginx proxy server to generate dynamic SSL certificates. First, we need to generate a self-signed root certificate and private key
Fix: ERR_CERT_WEAK_SIGNATURE_ALGORITHM error in Chrome on Windows PC
Apr 18, 2023 am 09:41 AM
Many Windows users have recently started complaining about an issue where they receive error messages while browsing chrome browser found unsecured web pages and throws error message YourconnectionisnotprivatewithaerrorcodeNET::ERR_CERT_WEAK_SIGNATURE_ALGORITHMonWindows11 system. Now Windows users are not sure what causes this issue and how they can fix it to browse the web with ease. Some of the reasons that may cause this error message are mentioned below. SSL certificate cache issue corrupted browsing data
Sharepoint install SSL certificate?
Feb 19, 2024 am 11:27 AM
Installing an SSL certificate on SharePoint is a critical step in securing your website and providing an encrypted connection. By following the correct installation steps, you can ensure the security of your website data, improve your ranking in search engines, and provide a better user experience for your visitors. Get an SSL Certificate Contact a trusted Certificate Authority (CA) to purchase an SSL certificate. Provide the required authentication and domain ownership verification information. After completing the verification process, you will receive the SSL certificate file. Prepare the Certificate File Open your SSL certificate file using a text editor. Copy the certificate contents to a new text file. Save the file as yourdomain.cer, making sure to change "yourdomain”