X.509 certificate validation process
So I have been reading on X.509 certificates and I just don't quite get
how the entire process works.
So this is how I understand it: the CA is some company which produces
certificates. Someone who wants to use one, like a bank website, contacts
the CA and buys a certificate containing the public key to encode the
messages for the website, which can only be decoded by the site's private
key.
This is where I get confused - how does the user (some web browser)
check that the certificate it received is actually true and really came
from the correct site? How does it know it's still valid? What kind of
checks are made to make sure everything is OK?
Thank you!