HTTPS, SSL, TLS & Certificate Authority Explained
Vložit
- čas přidán 29. 04. 2024
- This course is everything you need to learn all about HTTPS, SSL, TLS and the roles of certificate authorities.
Timeline:
0:00 - 10:04 - Intro to Networking
10:04 - 12:10 - Why HTTP is not secure
12:10 - 17:30 - Symmetric Encryption
17:30 - 24:59 - Asymmetric Encryption
24:59 - 33:33 - Certificates & Certificates Authorities
33:33 - 39:39 - Chain of Trust
39:39 - 43:28 - Exploring HelloFresh.com Certificates
By far this is the best video i have seen on CA. Everybody explain these concepts in a peripheral way and we will end up more confused. Here you have done a great job. Thank you!
No they don't, you're just not a technical person.
I love your teaching style. Do you have interest in sharing one of your already made courses with our channel?
Responded on LinkedIn
That will be amazing we will gladly watch it ,what an amazing combo
@@laithacademy Hahahaah am I reading it right, fcc asks laith to post on their channel wow.. 😅 I think only you and Craig Dennis (my two favorite teachers, what a coincidence) had such a honor to be asked directly by fcc themselves to host on their channel..
@@laithacademyby the way laith I think you're the right guy to ask this question as it seems you've lots of experience in different fields according to your videos on this CZcams channel.. So an intermediate front end developer freelancer I'm pondering whether i should apply as front end intern or move to learn devops cloud infrastructure and then trying to get an intern job in that field, or maybe go all the way to LLM, machine learning, ai and build a few projects in that field and apply as intern there.. I've interests and curiosity in all the 3 topics I just can't decide which path should I take further haha
... So maybe you can suggest me as a mentor your valuable opinion regarding all that? Thanks again and keep sharing all those awesome valuable videos
would 100% listen to this guy on freecodecamp he does an awesome job
Fantastic! I could never wrap my head around how you get a mutual key established over the Internet without someone being able to snoop it, and this finally made the connection for me. Plus certificates make more sense now.
Only video in the CZcams where you can come with pretty much zero or very basic knowledge of networking, internet security and still be able to understand SSL/TLS certificate better and very clearly than an average CS students know of..! Simply amazing teaching skills! 👌♥️
This is BY FAR the most educational video I've ever seen on this topic. Thanks a lot! It made a huge difference that you really started at the bottom instead of building on knowledge of other (confusing) stuff.
I've been searching for a detailed description of how the certificate chain of trust works. This is the best I've come across, by far! Thanks for posting!
The video starts from basics that's what makes it easy to understand and relate. So far one of the best videos on this topic. Amazing stuff. Thank you for putting this together.
Thanks for your pedagogy, I really appreciated your video.
Superb video on https. Thanks for the elaborate, clear explanation.
Rarely I comment on videos, usually, I stick to liking or disliking to provide feedback. However, I couldn't resist commenting on this video-such an incredible way to explain the intricacies behind how things work!
Great video! Last and most important thing that you didn’t notice in your video. Root CA Verification. The browser has a pre-installed list of trusted root CA certificates, which it uses to verify the authenticity of the root CA certificate presented by the website. The browser checks whether the root CA certificate presented by the website is signed by a root CA that the browser trusts.
The best explanation on the topic. Kudos for the remarkable effort you have put in! ❤
Nice video, but you could have also mentioned that the certificate is very tied to the website's domain name. You could also have said that the CA company checks the credibility of the certificate applicant and whether the domain name has been purchased by the applicant.
And a technical detail - CA does not encrypt the applicant's public key with its private key. It only digitally signs the certificate.
To digitally sign a document/file - we do not encrypt the entire file or its part with our private key. Because a 1GB file after encryption will give us a 1GB encrypted file. Therefore, we create a hash of this file, which is much smaller. Then we encrypt this hash with a private key and add the encrypted hash (digital signature) to the file. In this case, the document is the applicant's certificate.
It should be mentioned that if at least one bit of the file/document changes, its hash will also change - this is how hashing algorithms work. So, it is impossible to replace the website's domain name in the certificate without changing the hash and, consequently, the digital signature. If something in the certificate changes, the CA must sign a new one again.
And this is very important, because the browser first of all checks whether the website's domain name entered in the address field is identical to what is included in the certificate sent by that website. Because of that it is sure, that it enters the correct site. But the certificate could be fake. So, in second step it checks the certificate as well.
Browser creates a hash from the certificate, uses the CA's public key to decrypt the hash/signature, and compares these hashes. If they are the same, the certificate is OK. This proves that the certificate has not been changed along the way and comes from the owner of the domain/website.
And only when the domain name of the website is the same as in the certificate and the certificate is verified positively, only then does the browser trust the website it wants to visit - and a padlock appears.
Greets.
God Bless you for this video.
Great content! I thoroughly enjoyed your explanation; it was simple and easy to understand. Keep up the fantastic work!
you are one of the best teachers out there i really appreciate you and your work.
Accidentally clicked on this video, but after nearly an hour of watching, what I got was satisfaction. You're doing a great job! Thanks!
Bro, your lectures are way above college level. I mean, I learn here way more by watching your explanatory video than actually going to college. Thanks for taking the time to be as considerate enough in sharing all of this valuable info. I agree, also with some of the comments down here, you're easy to follow and man I've learned so much in that 43 minute explanation. You should create your own courses and sell them online just saying, given your potential. Anyhow, wishing all of the best.
It is great you went all levels in OSI model. Sometimes staying at the abstractions of higher layers can confuse or make learners assume wrong ideas! Great video
Amazing content! loved it, thanks for this.
After watching the video, I just could not help asking myself who is making this video. The quality, the details, the PowerPoint slides, the detailed explanation left me wanting more content in this manner. You have a skill. Another thing that I might add. One can say that your video is long (took me three seating to complete it) but the knowledge that I came out was unbelievable. I understood the topic 100 percent. Don’t see how you could have made it shorter. Amazing job. Can wait for new content and I am looking at other videos and topics that you have done as the content has to be amazing.
just watched your nginx course, you're really good at explaining man!
definitely gonna watch more of your videos
Excellent video 👌
The only thing that I feel is missing is the a slide showing/explaining how the usage of Certificate with conjunction of CA actually prevents the man-in-the-middle problem.
Absolutely great content, I learned a lot!
The best explanation I have come across on this topic! 🙌
Thank you for making this video. This is exactly what I was looking for after wasting time watching 3 or 5 minutes videos on this topic. Now I understand it. Love your teaching style.
complimenti, chiarissimo. Grazie
best video out there that explains all this. thank you for your efforts!
absolutely wonderful, thank you :)
huge thanks! really useful explanation!
Thank you so much for detail explanation.
Thanks a lot for making this video. Helped me understand clearly how the complex process of encryption works
Amazing video, thank you for such labor to make it for people who doesn't really know all this stuff
Great Video.Thanks for your Time and Effort.It really helps.
Thank you!!!! This was a great video and really well explained!
This is the best explanation of Cryptography concept, Thank you so much for making this.
Best video on SSL certificate on any platform.. thank you so much!! You just earned a subscriber :)
You are the Best !!!
As a cyber security student this video was very informative. It flowed very smoothly and didn't feel bored at all (even though it was 40mins). Very good video. thank you laith academy.
Fantastic as always. thanks for your useful tuts 💗
I certainly do appreciate this tutorial 💯, thank you very much! :-)
love the explanation.
luv ur explaination bruuu
a very well explained tutorial.... was searching all internet for something like this and got stuck with your vedio and YOU NAILED IT ....... Thanks for such an explanatory video !!!
One of the best and detailed video video ,so amazing explanation ❤
Thanks for detailed explanation ,Best ever explanation i have come across FOR SSL HTTP AND HTTPS❤
Thank you! this is so well explained ☺
Very well explained.. Appreciate your good work. 👏👏
at 22:32 minutes I fully understand how secure communication happened at the first place !!! Awesome work as you do always Love from Pakistan
instructor like u deserve better bro i have been watching you videos for long time they are so good even you are better than most famous youtuber. you know you are the best instructor also most underrated instructor you deserve better.
This is such an amazing video with great explanation.
Thanks! You work for hello fresh, this is so cool!
I'm revisiting this process, it has been a while since i saw it at college. This is more complicated than i remember, but basically the CA Authority is encrypting an already public server key not to protect against decryption, but it is doing for the purpose of signature, because only the CA Authority could have ever issued an encrypted 'thing' that can be decrypted with the CA Authority public key. And we can check that the 'thing' after the decryption is correct because it is attached to the certificate. This very cool and well explained, appreciate the video.
And if you read this please correct me if my understand is wrong on this.
Perfect .. Very well explained
Finally... I understood this concept thanks to you...
Great video! I learned a lot in one video.❤❤❤❤❤
Thanks a lot Laith Academy... great stuff and very well explanation.
Great details, thanks. 🙂
This's almost perfect explaination
Man this video is very nice and need, a little bit extended, but needed
Crazy explanation ❤❤❤ in an hour I am attending client round I am 200% confident right now
super, excellent, very good explanation. very good teacher
great video, worth the time watching. but one thing to add to the video is that asymmetric encryption is used only during the "symmetric encryption public key' exchange period, after that, symmetric encryption will be used. the reason is symmetric encryption is far more efficient.
Wonderful explanation
Super nice, impressive slidedeck!
great explanation!
Great explanation thx
Very good explanation. I am myself a programmer and didn’t really get a clear picture of https into my head. Thank you very much!
Thank u so much this is really helpful and the best one so far
Hey buddy, this is a amazing video, really nicely described. I have subscribed right away and am looking forward to seeing more videos. I'm grateful.
Excellent info thanks Laith.
This is really good, answers to alot of questions (I didn't even know how to ask 😂)
perfect explanation..
Great vid3o. Well explain
Thank You!
Great video ans love your presentationand teaching method, keep it up
great video thanks for it ❤❤
Thank you!
bravo much appreciated
Great Video
Excellent video
Very informative
Its awsome !!!!!!!
Very good video for explain the HTTPS and the use of certificates, but you didn't spoke of the SSL & TLS?
Or all the chain of trust is the SSL/TLS?
great Video
Very good video!
Very helpful video :)
completed !!! to be honest never seen such a wonderful explanation on such complex topic
Regard: Kim from Pakistan
@Laith Academy: Thanks for the detailed explanation.
I have a doubt at 32:55 timestamp
The Facebook user browser doesn’t decrypt, instead performs signature verification with CA’s public key.. is my understanding correct? Because public keys used for encryption not decryption.
gracias thanks!
tks you
This is great. To confirm, the server doesn't request a certificate from the CA for every request - it just renews it every X number of weeks?
Do we also get the CA private key in our browser?
Hi all, I just want to clarify a doubt regarding the chain of trust.
In the last example where Baltimore is the root, Cloudflare is the intermediate and hello fresh is the server, the client will finally have 3 sets of public key (1 from root, 1 from intermediate and 1 from server) which it will then use to decrypt the corresponding encrypted public keys attached to each certificate?
super
For your MERN subscription project, how do you deploy the app from localhost 3000 and localhost 8080 to the actual web app domain?
subscribed .
Can you make a video how sso and saml works in details also how to setup these in Google
Use magnifier tool to zoom and show browser certificate
You have to give a shout out of the people helping you behind-the-scenes. There's no way you're making all of these videos alone.
What if you do a man in the middle attack from server to CA and on the same time from the client to the CA and pretend to be the CA. You send back the certificate containing all the information the CA would include together with (your own) public key.
Isn't that theoretically possible?