All Questions
Tagged with encryption certificates
146
questions
1
vote
5
answers
591
views
How does a digital certificate prove authenticity?
Imagine the following scenario:
We have Bob that wants to send a message to Alice. Both have a public/private key. Bob uses his private key to sign the digest (hash of the message) with it's private ...
- 13
2
votes
1
answer
2k
views
What's the use of HMAC or hashing in TLS or SSL inspection
In the Server hello, I got the below Cipher suite
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Now, I know that we are using DHE for the key exchange, we are using RSA for the authentication, and AES for the ...
0
votes
2
answers
1k
views
Is it bad idea to upload SSL Certificate as base64 encoded string?
I have to create an API for uploading a certificate file. Unfortunately, the library that I'm using (graphQL) does not support file upload. It only supports primitive types like string, int, float etc....
0
votes
0
answers
21
views
How does client data encryption work in HTTPS? [duplicate]
When you connect to a HTTPS server the server encrypts its data using the private key of its private certificate. The client decrypts it using the server's public key of the server's public ...
- 145
1
vote
3
answers
872
views
Encryption certs protected from decryption by thumbprint
Is it true that you can only decrypt data that was encrypted by a certificate using the same exact thumbprint? My thought was that you can decrypt the data using an updated version of the same ...
- 11
2
votes
1
answer
213
views
How do I ship my SSL keys with my application?
I have an executable, and I have the SSL certificates and keys necessary to establish the secure connection. The application performs self-updating by downloading and replacing itself with an updated ...
- 121
0
votes
1
answer
230
views
Are self-signed certificates better for local usage?
When generating a certificate what would more secure - generating a self-signed certificate using PGP or using a public CA like Let's Encrypt? We are using it for signing and encrypting.
What are the ...
- 264
0
votes
1
answer
183
views
How does a Cipher Suite Work without an Asymmetric Algorithm? [closed]
Using the cipher suite “TLS_AES_128_CCM_SHA256”
This example is referring to a self signed certificate
If a server uses TLS and uses the cipher suite above? How does the certificate get signed if ...
- 1
0
votes
1
answer
382
views
How should I securely rsync to a host with a self-signed certificate on a private network?
I have a backup server that has a self-signed certificate (x509) and another server on the same network. I would like to rsync data to the backup server from the other server. However, I prefer not to ...
- 3
0
votes
1
answer
590
views
Why are there no modern web browsers that allow extension access to SSL information about the site you are browsing?
In all my Googling, I found one version of FireFox that allowed it temporarily a long time ago, it has been discussed on the Chromium development forums for years, but yet, as of today, there is still ...
- 420
5
votes
1
answer
935
views
Impact of having more X509v3 Key Usage fields than required?
I was wondering if having an "oversubscription" of "Key usage fields" inside a X509v3 certificate can negatively impact the performance and/or the security of a server.
For example ...
- 65
3
votes
3
answers
730
views
Does EFS protect against data theft by ransomware?
Recent ransomware events often include data theft in addition to just encrypting data. The Encrypting File System on Windows Pro/Enterprise editions encrypts individual files using a private key ...
user257952
1
vote
1
answer
856
views
Use the public key of a certificate as the key for HMAC SHA
Consider the following scenario. A company has several computers for each users on the same domain. They purchase an RSA certificate from a recognized authority which will be deployed with private / ...
- 59
1
vote
0
answers
152
views
Digital Signature uses private key for encryption, and public key for decryption? [duplicate]
Public key is for encryption, and private key is for decryption in PKIs.
And digital signature employs the PKIs.
How to use a private key for encryption, and using public key for decryption which ...
- 11
1
vote
2
answers
2k
views
How does encryption, certificates in an end to end SSO flow?
So, I know how public-private key encryption works. I understand how/why certificates are required. I understand how a SSO flow (IdP initiated) works. But, I do not understand how the three of them ...
- 111