About Question enthuware.ocejws.v6.2.243 :

Posted: Thu Jul 09, 2015 4:35 am
by fabiolino
I would like some clarification on sequence 3 and 4.

3) Client gets CA's certificate (with CA's public key) from the browser's TrustStore.
The client can determine whether to accept the server’s digital certificates by checking these against its truststore. The received digital certificate is checked against a copy in the truststore. Is that right?

4) Client verifies signature on the Server's certificate with CA's public key.
How does the client verify the signature?

Re: About Question enthuware.ocejws.v6.2.243 :

Posted: Thu Jul 09, 2015 3:28 pm
by fjwalraven
The received digital certificate is checked against a copy in the truststore. Is that right?
No, not exactly. Digital signing is based on PKI. There is a private key and a public key involved.

A Signature is created with the private key. The public key (on the receiving side) is used to decrypt the Signature so that the receiver can verify the sender's server address and domain name etc.
How does the client verify the signature?
It decrypts the Signature (with the public key) and reads the information about the sending party.

You don't need a thorough understanding of this topic but you should get the basics right. Please check and read the links that are provided in the explanation. They describe PKI and its usage well and in an easy-to-follow manner.

Regards,
Frits
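
An added illustration of steps 3 and 4 from this thread (not part of the original posts and not the exam provider's code): the truststore supplies the CA's public key, and the client uses it to check the signature on the certificate it received. The names `ca_issue`, `client_verify`, `TRUSTSTORE`, the "Example Test CA" and the certificate layout are assumptions, and the key is a constructed toy key used with textbook RSA instead of real X.509.

```python
import hashlib

# Constructed toy CA key built from two well-known Mersenne primes.
# Textbook RSA without padding, for illustration only; real certificates
# use much larger keys and a padding scheme such as PKCS#1 v1.5 or PSS.
P, Q = 2**127 - 1, 2**89 - 1
CA_N, CA_E = P * Q, 65537
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))  # CA private exponent, stays with the CA

def digest(tbs: bytes, n: int) -> int:
    """Hash the certificate body and reduce it into the RSA modulus range."""
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def ca_issue(issuer: str, subject: str, server_key: str, d: int, n: int) -> dict:
    """CA side: sign the certificate body with the CA's private key."""
    tbs = f"issuer={issuer};subject={subject};key={server_key}".encode()
    return {"tbs": tbs, "sig": pow(digest(tbs, n), d, n)}

# Step 3: the truststore holds CA public keys indexed by CA name.
# It does not hold copies of server certificates.
TRUSTSTORE = {"Example Test CA": (CA_N, CA_E)}

def client_verify(cert: dict, truststore: dict) -> bool:
    """Client side: look up the issuer's public key, then check the signature."""
    fields = dict(kv.split("=", 1) for kv in cert["tbs"].decode().split(";"))
    ca_key = truststore.get(fields.get("issuer"))
    if ca_key is None:
        return False  # issuer is not a trusted CA
    n, e = ca_key
    # Step 4: apply the CA public key to the signature and compare the result
    # with the client's own hash of the bytes it actually received.
    return pow(cert["sig"], e, n) == digest(cert["tbs"], n)

def tampered(cert: dict) -> dict:
    """Same signature, but the subject was changed after signing."""
    return {"tbs": cert["tbs"].replace(b"server.example", b"other.example"),
            "sig": cert["sig"]}

# Constructed sample certificates.
GOOD = ca_issue("Example Test CA", "server.example", "srv-pubkey", CA_D, CA_N)
UNKNOWN = ca_issue("Unlisted CA", "server.example", "srv-pubkey", CA_D, CA_N)
```

The check succeeds only when the issuer is in the truststore and the signed bytes are unchanged; a modified subject or an unlisted issuer is rejected.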