Working principle of HTTPS protocol

  1. The client sends a request to the server, connecting to port 443. The message mainly carries a random value (random value 1) and the list of encryption components (cipher suites) the client supports.
  2. The server's response mainly contains random value 2 and the negotiated encryption algorithm, chosen from the encryption component list the client sent.
  3. The server's second message to the client is its digital certificate. Behind this certificate is a public/private key pair. The certificate contains a lot of information: the issuing authority, the expiration time, the server's public key, the signature of the third-party certificate authority (CA), the server's domain name, and so on.
  4. The client parses the certificate; this work is done by the client's TLS implementation. First it checks whether the public key is valid, looking at the issuing authority, the expiration time, and so on. If a problem is found, a warning box pops up saying the certificate has a problem. If the certificate is fine, the client generates a random string called the pre-master secret. This random string is effectively the symmetric key for subsequent communication; it is encrypted with the server's public key and sent to the server, telling the server that subsequent messages will be encrypted with this symmetric key.
  5. Once the client has verified the certificate, it assembles the session key from random value 1, random value 2 and the pre-master secret. The session key is then encrypted with the certificate's public key.
  6. Transmitting the encrypted information: the session key encrypted with the certificate's public key is sent to the server so that the server can decrypt it and obtain random value 1, random value 2 and the pre-master secret.
  7. The server decrypts to obtain random value 1, random value 2 and the pre-master secret, then assembles the session key, which is identical to the client's session key.
  8. The client encrypts a message with the session key and sends it to the server to verify that the server can correctly receive encrypted messages from the client.
  9. Likewise, the server encrypts a message with the session key and sends it back to the client. If the client can receive it correctly, the SSL layer connection has been established.
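The nine steps above as one client/server run, written as an added example that is not part of the original post. The toy RSA key pair, the HMAC-based key derivation and the HMAC-keystream cipher are assumed stand-ins for the certificate's key, TLS's real key-derivation function and the negotiated cipher suite; the point is that only the holder of the certificate's private key can unwrap the pre-master secret, and that both sides then reach the same session key and can open each other's sealed messages.

```python
import hashlib
import hmac
import os

# Toy RSA key pair standing in for the server certificate's key (two Mersenne primes; far too small to be secure).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
PRE_MASTER_LEN = 16  # shortened to fit the toy modulus (real TLS 1.2 RSA uses 48 bytes)

def rsa_encrypt(n, e, secret):
    """Client side (step 4): wrap the pre-master secret with the certificate's public key."""
    return pow(int.from_bytes(secret, "big"), e, n)

def rsa_decrypt(n, d, ciphertext, length):
    """Server side (step 7): only the private-key holder recovers the pre-master secret."""
    return pow(ciphertext, d, n).to_bytes(length, "big")

def derive_session_key(random1, random2, pre_master):
    """Steps 5 and 7: both sides mix the same three values into one session key."""
    return hmac.new(pre_master, b"session key" + random1 + random2, hashlib.sha256).digest()

def _keystream(key, length):
    """One HMAC output per message; enough for the short (<= 32 byte) messages used here."""
    return hmac.new(key, b"stream", hashlib.sha256).digest()[:length]

def seal(key, msg):
    """Encrypt-then-MAC with the session key, standing in for the negotiated cipher."""
    ct = bytes(a ^ b for a, b in zip(msg, _keystream(key, len(msg))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def open_sealed(key, blob):
    """Return the plaintext, or None when the MAC shows the peer holds a different key."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def handshake(random1=None, random2=None, pre_master=None):
    random1 = random1 or os.urandom(32)                       # step 1: client random
    random2 = random2 or os.urandom(32)                       # step 2: server random
    pre_master = pre_master or os.urandom(PRE_MASTER_LEN)     # step 4: generated by client
    wrapped = rsa_encrypt(N, E, pre_master)                   # steps 5-6: sent under the public key
    server_pre = rsa_decrypt(N, D, wrapped, PRE_MASTER_LEN)   # step 7: server unwraps it
    client_key = derive_session_key(random1, random2, pre_master)
    server_key = derive_session_key(random1, random2, server_pre)
    # steps 8-9: each side seals a message the other must be able to open
    server_saw = open_sealed(server_key, seal(client_key, b"client finished"))
    client_saw = open_sealed(client_key, seal(server_key, b"server finished"))
    return server_saw == b"client finished" and client_saw == b"server finished"
```

A peer that did not obtain the same pre-master secret derives a different key, and `open_sealed` then returns None instead of a forged plaintext.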

Reference: compiled from information available online.

Origin: blog.csdn.net/qq_43589852/article/details/121457951