Information Security Practices 1.3 (HTTPS)

Foreword

        This experiment depends on the Tomcat version; Tomcat 8 is preferable. I used Tomcat 10 before and could never get it to work.

Requirements

        Deploy HTTPS on the web server side, and use network sniffing to analyze the security protection that SSL gives HTTPS.

Key steps

  1. First, configure HTTPS for Tomcat, that is, make Tomcat serve over the HTTPS protocol.

        To access the program through HTTPS, you need a certificate. A certificate that you issue yourself is called a self-signed SSL certificate. Here I use the keytool utility that comes with the Java JDK to create a local SSL certificate.

        Open the bin directory under jdk:

        After seeing the keytool tool in this directory, open a terminal in this directory:

        Enter the command shown in the figure below to generate a certificate:

        I set the key of the certificate to 123456.

        Then go to the conf directory of Tomcat and confirm that the certificate has been generated:

        Then open the server.xml file in this directory, and add the code in the figure after port 8080:

 

        This allows Tomcat to be accessed through https://localhost:8443.

        Clicking "Not secure" lets us view the website's certificate:

        Finally, for convenience, we want requests to http://localhost:8080 to be redirected automatically to https://localhost:8443.

        Add the following code at the end of the web.xml file in the conf directory (included in the tag):

  2. Because there is no second computer, the HTTPS connection made above cannot be captured using Wireshark. So here I choose to use Baidu's official website to check the role of SSL in HTTPS.

        

        As shown in the figure, Baidu's official website uses the https protocol.

        In the latest version of Wireshark, SSL has been renamed to TLS, so a capture taken with Wireshark will not show a protocol named SSL.

        HTTP needs only the TCP three-way handshake, while HTTPS needs nine SSL handshake packets in addition to the TCP three-way handshake. As shown in the picture below, I visited Baidu's official website and found that after many TCP three-way handshakes there are many TLS packets. The TLS protocol here is actually the SSL protocol.

        Because the SSL protocol encrypts the HTTPS traffic, we cannot directly see the contents of the HTTPS exchange after capturing the packets.

  3. To decrypt HTTPS, you need to capture the browser's pre_master_secret by setting an environment variable.

        As shown in the figure above, add SSLKEYLOGFILE to the user variables. The value can be any file path, as long as it is easy to find.

        Then we open Google Chrome, visit Baidu's official website, and find that the file ssl.log has appeared in the corresponding directory:

        Next, open Wireshark and click Edit to go to Preferences:

        Find TLS under Protocols; this is the SSL protocol (the latest version of Wireshark has no SSL entry).

        Put the path to the file you just generated into the box below. Then save, exit, and capture again:

        Now we can directly see the information in the HTTPS packets. The decrypted packets also show an additional section that can be viewed, Hypertext Transfer Protocol, which contains some information such as keys and certificates.
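What the file written through SSLKEYLOGFILE in step 3 contains, as an added example (not code from the original post): browsers write it in the NSS key log format, one `LABEL client_random secret` line per secret, where `CLIENT_RANDOM` lines hold the master secret of a TLS 1.2 session and TLS 1.3 sessions log separate traffic secrets. The function name `parse_keylog` and the sample lines are constructed for illustration, and legacy `RSA` lines are not handled.

```python
import re

# NSS key log labels: CLIENT_RANDOM for TLS 1.2 and earlier, the rest for TLS 1.3.
TLS12_LABELS = {"CLIENT_RANDOM"}
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0", "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET",
}
LINE_RE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ([0-9a-fA-F]+)$")


def parse_keylog(text):
    """Group key log lines by client random; return (sessions, rejected_lines)."""
    sessions, rejected = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # the format allows blank lines and comments
        m = LINE_RE.match(line)
        if not m or m.group(1) not in TLS12_LABELS | TLS13_LABELS:
            rejected.append(lineno)
            continue
        label, client_random, secret = m.groups()
        tls12 = label in TLS12_LABELS
        # CLIENT_RANDOM carries the 48-byte master secret (96 hex chars);
        # TLS 1.3 secrets are hash-sized, 32 or 48 bytes.
        if len(secret) not in ({96} if tls12 else {64, 96}):
            rejected.append(lineno)
            continue
        entry = sessions.setdefault(client_random.lower(), {"labels": []})
        entry["version"] = "TLS 1.2 or earlier" if tls12 else "TLS 1.3"
        entry["labels"].append(label)
    return sessions, rejected


# Constructed sample: repeated-byte hex strings, not real key material.
SAMPLE = "\n".join([
    "# constructed key log sample",
    "CLIENT_RANDOM " + "11" * 32 + " " + "aa" * 48,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "bb" * 32,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "cc" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "dd" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "ee" * 32,
    "CLIENT_RANDOM " + "33" * 32 + " " + "ff" * 10,  # truncated secret
])

if __name__ == "__main__":
    print(parse_keylog(SAMPLE))
```

Anyone who can read this file can decrypt the captured sessions it covers, so remove the SSLKEYLOGFILE variable and delete the log once the experiment is finished.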

Analysis of the meaning of HTTPS in the modern information society where Web and HTTP are widely used

        HTTP is transmitted in plain text; the data is unencrypted, so its security is poor. The data transmission of HTTPS (SSL + HTTP) is encrypted, which gives better security. Therefore, in the modern information society, an era in which information security is lacking, HTTPS is very necessary. Of course, HTTPS is not better than HTTP in all aspects. For example, HTTP only needs the TCP three-way handshake (a total of 3 packets) to establish a connection, while HTTPS requires 9 packets for an SSL handshake in addition to the TCP three-way handshake (a total of 12 packets), so HTTPS pages respond more slowly than HTTP pages. With hardware and software being updated rapidly, however, these shortcomings are almost negligible.

Epilogue

        In fact, there is an SSL programming practice that follows Information Security Practice 1, but because I did not write it well, I will not release it; it is a semi-finished product. SSL programming essentially means using a server to communicate with clients, which happens to be the content of network programming. You can read the network programming practice I wrote or related posts by other bloggers.


Origin blog.csdn.net/xiexieyuchen/article/details/130936298