Certificates are used to prove identity and used for creating secure communication. Check out http://itfreetraining.com for more of our always free training videos. This video looks at how a certificate works, what is a certificate and how they are used for identification and secure communication. Download the PDF handout http://itfreetraining.com/Handouts/Certificates/WhatAreCertificates.pdf What is a certificate? A certificate is an electronic document that contains data fields. When compared to a traditional paper certificate there are some similarities between an electronic certificate and a physical certificate. Digital certificates like a physical certificate are issued by an authority. For example, a university may issue a certificate to a student to show that they have completed the necessary work in order to graduate. The next question is, would you trust a physically certificate? Digital certificates work the same way. They are issued from an authority and the question becomes would you trust the authority that issued the certificate? Electronic certificates also contain other fields like who or what the certificate was issued to, how long it is valid, the public key and the digital signature. If a digital certificate is presented to a user or computer, the user or computer is able to check the certificate to ensure the person using it should be using it. Also the certificate contains a digital signature which allows the certificate to be checked to make sure it has not been modified. Digital Signature A digital signature provides a method for a certificate to be checked to ensure it has not been modified. In order to do this, a hash value is created for the certificate. To generate a hash value the certificate is put through a function to create a single value. Hash functions are designed so different certificates will not produce the same value, however the hash value cannot be used to generate the original certificate. The same principal applies to a person's fingerprints. They can be used to identify a person, however using a finger print you could not work out the features of a person like what color hair they have. When a certificate is created, the hash value for that certificate is also created. Using a function involving the private key, a digital signature is created and added to the certificate. Digital Signature Example When a certificate is used, in order to check the certificate has not been changed, the following is done: The computer generates the hash value for the certificate. Next, the digital signature is put through a function using the public key which should result in the same hash value. If both values match, the certificate has not been modified. This prevents a 3rd party taking a certificate, changing the values in the certificate and using the certificate. Trust Model Certificates work off a trust model. An example of a trust model in computers is that a computer may have a sticker on it indicating which operating systems it will run. The consumer, seeing this sticker, must trust that the manufacture would not put this sticker on the laptop unless it will run that operating system. The customer must also trust the creator of that operating system would not allow a computer manufacturer to put a sticker on a computer that would not run that operating system. Certificate Trust Model Certificates are generally deployed in a hierarchy. At the top is the root certificate authority. This can be an internal Certificate Authority or an external authority like VeriSign. When an authority like VeriSign issues a certificate, they will perform a number of checks on the individual purchasing the certificate to ensure that they are a valid business. When a certificate is used it can be checked to see which authority issued that certificate. In order for the certificate to be used, the computer must trust the authority that it was issued from. Authorities like VeriSign are trusted by default on most operating systems. Certificate Error If a certificate is presented to the computer and it is not trusted, the computer will generate an error asking if the users want to trust the certificate. It is up to the user to decide if they believe the certificate is valid. Certificate Hierarchy Certificates use a hierarchy. At the top is the root CA, below these are subordinate CA's. Any level can issue certificates to subordinate CA's or direct to users, computers or devices. If the user, computer or device trusts the root CA, then any certificate that is issued by any CA in the hierarchy will automatically be trusted and thus used by the client. References "MCTS 70-640 Configuring Windows Server 2008 Active Directory Second edition" pg 771-775 "Public key certificate" http://en.wikipedia.org/wiki/Public_key_certificate
This tutorial starts with a review of Symmetric and Asymmetric (PKI) Encryption. It discusses self signed certificates and how an SSL certificate is used in a C
This video will look at how to install an Enterprise Root CA to be with Active Directory Federation Services. This will get you up and going with the basic cert
In this video we go over how to configure and install a certificate authority node within Windows Server 2012 R2. I need to create one, so I could have a PKI in
How SSL works by leadingcoder. This is a full tutorial how to setup SSL that requires client certificate for reference: http://www.windowsecurity.com/article
RSA Public Key Encryption Algorithm (cryptography). How & why it works. Introduces Euler's Theorem, Euler's Phi function, prime factorization, modular exponenti
Modern day encryption is performed in two different ways. Check out http://YouTube.com/ITFreeTraining or http://itfreetraining.com for more of our always free t
3-This module provides an overview of Active Directory Certificate Services in Windows Server.
Not a subscriber? Start your free week. https://cbt.gg/2CsnIRh CBT Nuggets trainer Don Jones explains Kerberos, the native authentication protocol in active d
What is https? How does https work? What is https certificate? What type of attacks does SSL protect? What https/SSL does not protect you from? How to install S
How does public-key cryptography work? What is a private key and a public key? Why is asymmetric encryption different from symmetric encryption? I'll explain al
The first in the series of videos which will hopefully explain the key concepts around Https and SSL encryption, hashing (Sha 1, Sha 256 etc) certificates etc.
This movie explains the concepts behind Digital Signatures and the various components of Public Key Infrastructure in layman's terms from the Indian Context.
Peter Silva lights up the various types of proxies. In networking and web traffic, a proxy is a device or server that acts on behalf of other devices. It sits b
SSL TLS HTTPS process explained in 7 minutes
This video explains SSL and HTTPS, how browser uses it to secure data transfer. Watch in HD. Might be useful for people going to interviews for software jobs.
Welcome to the ITFreeTraining video on subnetting. Understanding how to subnet is essential if you want to deploy and maintain IPv4 networks. Access the video
A digital signature is equivalent to a handwritten signature in paper, and a digital signature serves three basic purposes. Digital signature is commonly used f
This chalktalk video addresses what is SAML and how it is used. Paul Moore, Centrify CTO and co-founder, helps illustrate this with a key SaaS use case and prov
This video will look at how to install and setup Active Directory Certificate Services (AD CS) for use with Active Directory Federation Services (AD FS) on Wind