证书 - 他们如何获得?

发布于 2024-09-28 02:58:59 字数 240 浏览 3 评论 0原文

我现在对网络安全感兴趣。所以我读到了 PKI 和 Diffie Hellman 身份验证表单。

现在我正在阅读有关证书的内容,我问我它是如何工作的。所以我知道浏览器中有一些受信任的证书,所以你信任这些页面,浏览器所属的公司已经信任了。因此,当 A 信任 B 并且 B 信任 C 时 --> A 信任 C. 标准信任网络事物。

但我不明白的是,例如谷歌在开发 https 应用程序时是如何做到的。我从来不需要下载证书。那如何运作?

I am interested in web security right now. So I read about PKI and Diffie Hellman authentication forms.

Now I am reading about certificates and I ask me how that works. So I know Browser have some trusted certificates in it, so you trust the pages, the company which the browser is from, trusts already. So when A trusts B and B trusts C --> A trusts C. Standart Web-of-trust thing.

But what I don't get is how for example google did it when they made there applications https. I never had to download a certificate. How works that?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

故笙诉离歌 2024-10-05 02:58:59

有许多商业机构的业务是颁发数字证书;这些称为“证书颁发机构”或 CA。这些机构的顶级密钥的证书是通过常见的 Web 浏览器分发的,因此您已经安装了它们。

如果您(或 Google,或其他任何人)想要您的密钥的证书,您可以向其中一个知名 CA 发送请求(和一些钱)。 CA 会执行一些检查来验证您的身份,并且(只要检查通过)他们就会通过使用其证书签名密钥对您的密钥进行签名来创建新的证书。

当您将证书发送给某些第三方时,他们可以使用浏览器中存储的 CA 证书检查您的证书,这使他们能够确定您在证书中声明的身份是正确的。

证书有多种级别,它们对证书中声明的身份的正确性提供不同级别的保证。基本上,您支付的费用越多,CA 在检查您的身份时就越费力,他们购买的保险就越多!

There are a number of commercial bodies whose business is the issuance of digital certificates; these are called "Certificate Authorities" or CAs. The certificates of the top-level keys of these bodies are distributed with the common web browsers, so you will already have them installed.

If you (or Google, or anyone else) want a certificate for your key you send a request (and some money) to one of the well-known CAs. The CA performs some checks to verify that you are who you say you are, and (as long as the checks check out) they make a new certificare by signing your key with their certificate-signing key.

When you send your certificate to some third party they can check your certificate using the CA's certificate stored in their browser, and this allows them to establish that the identity you claim in your certificate is correct.

There are various levels of certificate which carry different levels of guarantee that the identity claimed in the certificate is correct. Basically, the more you pay the more trouble the CA takes in checking your identity and the more insurance they buy!

森林迷了鹿 2024-10-05 02:58:59

所有浏览器都存储证书颁发机构的证书,证书颁发机构又为各个组织颁发证书。

All browsers store certificates of Certification Authority, who in turn issue certificates for various organizations.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文