What are certificates?
Vložit
- čas přidán 14. 06. 2024
- Certificates are used to prove identity and used for creating secure communication. Check out itfreetraining.com for more of our always free training videos. This video looks at how a certificate works, what is a certificate and how they are used for identification and secure communication.
Download the PDF handout
itfreetraining.com/handouts/ce...
What is a certificate?
A certificate is an electronic document that contains data fields. When compared to a traditional paper certificate there are some similarities between an electronic certificate and a physical certificate. Digital certificates like a physical certificate are issued by an authority. For example, a university may issue a certificate to a student to show that they have completed the necessary work in order to graduate. The next question is, would you trust a physically certificate? Digital certificates work the same way. They are issued from an authority and the question becomes would you trust the authority that issued the certificate? Electronic certificates also contain other fields like who or what the certificate was issued to, how long it is valid, the public key and the digital signature. If a digital certificate is presented to a user or computer, the user or computer is able to check the certificate to ensure the person using it should be using it. Also the certificate contains a digital signature which allows the certificate to be checked to make sure it has not been modified.
Digital Signature
A digital signature provides a method for a certificate to be checked to ensure it has not been modified. In order to do this, a hash value is created for the certificate. To generate a hash value the certificate is put through a function to create a single value. Hash functions are designed so different certificates will not produce the same value, however the hash value cannot be used to generate the original certificate. The same principal applies to a person's fingerprints. They can be used to identify a person, however using a finger print you could not work out the features of a person like what color hair they have. When a certificate is created, the hash value for that certificate is also created. Using a function involving the private key, a digital signature is created and added to the certificate.
Digital Signature Example
When a certificate is used, in order to check the certificate has not been changed, the following is done: The computer generates the hash value for the certificate. Next, the digital signature is put through a function using the public key which should result in the same hash value. If both values match, the certificate has not been modified. This prevents a 3rd party taking a certificate, changing the values in the certificate and using the certificate.
Trust Model
Certificates work off a trust model. An example of a trust model in computers is that a computer may have a sticker on it indicating which operating systems it will run. The consumer, seeing this sticker, must trust that the manufacture would not put this sticker on the laptop unless it will run that operating system. The customer must also trust the creator of that operating system would not allow a computer manufacturer to put a sticker on a computer that would not run that operating system.
Certificate Trust Model
Certificates are generally deployed in a hierarchy. At the top is the root certificate authority. This can be an internal Certificate Authority or an external authority like VeriSign. When an authority like VeriSign issues a certificate, they will perform a number of checks on the individual purchasing the certificate to ensure that they are a valid business. When a certificate is used it can be checked to see which authority issued that certificate. In order for the certificate to be used, the computer must trust the authority that it was issued from. Authorities like VeriSign are trusted by default on most operating systems.
Certificate Error
If a certificate is presented to the computer and it is not trusted, the computer will generate an error asking if the users want to trust the certificate. It is up to the user to decide if they believe the certificate is valid.
Certificate Hierarchy
Certificates use a hierarchy. At the top is the root CA, below these are subordinate CA's. Any level can issue certificates to subordinate CA's or direct to users, computers or devices. If the user, computer or device trusts the root CA, then any certificate that is issued by any CA in the hierarchy will automatically be trusted and thus used by the client.
References
"MCTS 70-640 Configuring Windows Server 2008 Active Directory Second edition" pg 771-775
"Public key certificate" en.wikipedia.org/wiki/Public_k...
Clearest explanation I’ve ever seen.
Still twists my brain into a knot.
Same here. It doesn't matter how simply it is explained it is difficult to wrap your head around it :)
Ah yes, glad i'm not alone
I gotta say...
I've been through some websites and videos trying to explain certificates.
But this is the one video that explains it the most simplest and well-understandable manner.
Coballes19 Thanks very much, we're glad you found or videos helpful
I know I'm 5 years late, but if you want simple and understandable, another person to look into is Sunny's Classroom. I haven't checked his video on certificates yet, but everything I've watched from him has clarified my confusion immensely, and his comments section is full of people saying the same thing. Just so that you have another source to go to for good informative videos :)
Love the training series. It's really taken everything and put it into baby steps so that anyone, even if they aren't particulary from the IT field, can easily understand these concepts. This goes for all of your videos, I love watching them all.
jjaroc86 Thank you, Happy to hear you enjoyed our video
I love when stuff is simplified. You can give me more complicated perhaps real life scenarios but make it simple at first. Thank you!
You're most welcome! Thanks for watching.
That was wonderful! Thanks, for making it so clear and linking it to real life examples! Keep up the good work!
Thank you. This was really good, even 9yrs later
Glad you enjoyed it!
Thanks for disabling adblock, but there is no need to click on the ads, unless you are interested in the product. Glad you like the videos.
Excellent vid! After several days of trying to "get" this stuff, this is by far the best explanation out there.
+Raf Van Haver we're glad you found the videos useful and informative!
Great Video by IT Free training. Cheers to you guys. The demonstration is awesome.
Thanks you a lot. It's too good for a free training vid
Thank you, we're glad you found the video helpful
My god it took for ever stumble upon an explanation this good. Thanks.
Glad it was helpful!
Loved the examples and visuals you used as it helps someone like me relate and understand so much better!
We're glad you enjoyed it!
If only all tutorial videos could be this good! Awesome explanation. Thanks.
You're very welcome!
itfreetraining is making the best educational videos. I got my job thanks to your videos
+Богдан Захариев Thanks! We couldn't be happier that our videos helped you get a job.
Wow. I feel much more confident now after watching this video. Thanks ITFreetraining.
Thank you, we're glad you found the video helpful!
One of the best videos I have seen on certificates. I am pointing my colleagues here if they want to learn more about certificates!
Thanks for the referrals! Thanks for watching.
Great video!!! Clear explanations.
I have a playlist of videos on SSL (Secure Socket Layer) and this particular videos is among the best on that list.
a perfect video !!!! thank you so much you saved me !!!
You're very welcome! Thanks for watching!
noelque
That feeling when it finally clicks. Thank you.
Thanks for watching.
Thanks for the video. It is crisp, clear and to the point. Great day ahead.
You're very welcome!
Very well explained video. Good job!
Thanks!
Thank you, very informative and kept simple to understand.
I like your video very much. It's really great. I'll keep an eye on your channel. I am your fan and I will support you.
Thanks very much and thanks for adding us to the playlist.
Great video, very well explained, Thank you very much.
Amazing video. You are a wonderful human being.
Amazing introduction of the fundamentals and the concept. Thank you so much
You're very welcome!
One of the best channels , well-explained!
+Yehya Mnaimneh Thank you very much.
amazingly clearly explained, thank you
Thanks, glad you liked the video.
thanks for the prompt reply
that helps me undertand it for the time being ....
Thank you! great effort and very clear. Very valuable 15 mins of my day.
You're very welcome! We're so glad you enjoyed it. Thanks for spending your 15 minutes with ITFreeTraining. ;)
Thank you so much, this video was incredibly insightful !
Glad it was helpful!
Thank very much and thanks for watching.
Great explanation - just what I needed right now to help me understand how this all works. Thank you very much...
Glad it helped!
Excellent Explanation.... I got your knowledge ..you got my subscription .. :)
Excellent Work.. Very Useful.. Thank you ITFreeTraining team..
No problem at all, thanks for watching.
Excellent tutorial!
Thanks, glad we could help.
perfect explanation which i am looking for
No problem, thanks for watching.
you are awesome . thank you very much dude. your video is great .
I'm just impressed that you managed to navigate your subtitle settings.
Thank you!
Best channel ever.
+ScoringStageDe Thanks!
Very crisp and clear explanation. Thank you for sharing.
Thanks for watching.
Thank you! Have been using certificates for years now without really knowing how this Trust Model works. Now that I know how it works I can use certificates with more confidence.
Glad to help!
Thank you SOOO much. Your explantions are very clear !
You're most welcome! We're glad our videos helped you.
Thank you for making this video. Very helpful!
You're most welcome!
Outstanding tutorial.
No problem at all, thanks for watching.
It's very good explanation indeed, I have been looking for this a while, thanks a lot :D
Thank you very much!
That was indeed a great video!!!! Many thanks...
You're very welcome!
very helpful stuff, cant wait for next videos
Amazing Video.. So simple explanation to understand and still the topic relevant to me after these many years.. Thank you very much for this.. Subscribed.! :-)
All i can say is thank you, you did a great job sir
+Bahaa Khateib Thank you very much! We strive to provide the best IT training videos for free so we're more than happy to hear you believe we did a great job.
Thanks. I have to manage certificates as a licence/sofware manager. It has really helped.
+Kevin Stoneham Thank you. Happy our video was helpful
very good video .... explained well !!!! thank you
Glad it was helpful!
Thanks very much and thanks for subscribing.
I love the way you explain it. Thanks a lot
+Smail Asma Great! We love that you enjoy it. You're most welcome, thanks for watching.
Exactly what I was looking for!
Glad we could help.
Thumbs Up, incredible explanation!
Glad you liked it!
Awesome video, thank you so much!
Glad you liked it!
You're very welcome!
Very helpful video to understand certificates. Thanks.
You're very welcome!
You are very welcome!
wow what a great teacher....i really like the scenario u created .is extremely understandable
with this scenario you created
+Stephen Boakye Thank you!
Brilliant! Great 15min video!
Thanks very much.
Excellent explanation!
Glad it was helpful!
thx for being free :) ...ive just disabled the adblock from your videos and website ...
and im clicking on them too... hope it helps you :)
Thank You Anton
Thank you for great explanation.
Glad it was helpful!
wonderful explanation!!!
Glad you think so!
I wish people taught more like you.
Thanks for the kind words! :)
Very helpful video, gives me much better understanding now.
+Xiangyu Zhang We're so glad our videos helped you further understand! Thanks for choosing and watching IT Free Training!
Very well Explained..Thank you!!!!
We're glad you liked it! You're welcome and thanks for watching. ;)
Very Nice video.Every basic information is caputed perfectly
Thanks!
Very Good Tutorial. Thanks!
Thanks very much.
Thank You. Very informative.
Thank you for a great video. But why didn't you put this one in "certificates" playlist?
Excellent work.
Thanks very much.
Thank you very much.
thank you sir, looking forward to videos like these.
Thank you!
Lets see if understood this please. When accessing a web site, your computer downloads the cert from the site and then determines if it can be trusted based on the cert authority or who issues it. If trusted , your computer uses the public key for that domain ? to encrypt. The web server on particular domain can decrypt using the private key. That forms the secure ssl channel. Sound good or not ?
Thanks Anton
Thank You for this presentation, its great.
You're most welcome!
Hi,
Please give an example where Electronic certificate is issued to User, computer & a device?
Thanks
Hi Thanks for the tutorial, How the Public CA works & any one can go for Public CA.
Thanks for the Video.
You're most welcome!
Nice Video. Thank you !
Thanks very much.
Got it! Thanks!
Glad we could help.
Thank you very much!!!
Thanks very much.
Very nicely explained.
+Eddie Kumar Shrivastava (Aditya) Thanks! We work hard to give you the best explanations.
Thanks very much!!
Like it a lot. Very well explained
+itfreetraining Thank you. Glad you found it helpful
very clear explanation
Glad you think so!
so beautifully explained .
thanksss
You're very welcome!
You're Welcome
Thank you.
Very informative, thank you very much.
You are very welcome! Thanks for watching. :)
Very helpful.