How HTTPS, SSL/TLS actually work?
Vložit
- čas přidán 16. 05. 2024
- Most of us always come across this discussion around securing network traffic with HTTPs or SSL/TLS and often we use these terms interchangibly. In this lecture let's understand what it actually means, how these protocols work, and what you need in order to secure the data in transit.
If you want to learn these topics by doing hands-on exercises then I recommend to sign up for www.awswithchetan.com/courses.... [50% off until 31st Dec'23. Get this course for under $10]
Happy Learning !
Regards,
Chetan - Věda a technologie
Sorry, there was a temporary problem for the people trying to purchase the course from US. Its fixed now. Kindly message here if it doesn't work.
Great work ! Thanks for clear explanation.
Glad it was helpful!
Great video please do more videos on services
hi chetan,thamks
Great video. Best explanation on this topic ever. Just one question, what if man in middle gets hold of your encrypted values and pretend to be the client
Session key is generated on the client side to which man in the middle does not have access to. So he/she can’t decrypt the packets. If we want that client also should authenticate then we need to implement mutual TLS (mTLS) which is almost the same process but in other direction where client also presents its identity certificate to the server.
Thanks. I can't access your link. Get a 404
Hi Chetan, great content & really good explanation. One question though about 14.50 - I always thought asymmetric cryptography allows public key to encrypt and private key to decrypt as well as other way round. You can encrypt with private key and decrypt with the private key - it is possible. However, it is not a common practice as the owner of the key pair (the server) shares the public key with everyone & hence content encrypted with private key can possibly be decrypted by man in the middle (who has the public key from previous connection) & that is not intended. Keypairs are static in nature for a server & does not change frequently.
Hope you agree?
You are right & wrong. One can indeed encrypt with Private Key which can be decrypted with corresponding Public Key & this is not useless/unintended, but exactly the technique used to ensure integrity of Certificates. CA creates Certificate, then compute HASH value of that Certificate which is then signed with Private Key of CA. Someone in the middle can't tamper the Certificate because that will result in change of HASH value which can't be signed using CA's Private Key. The HASH value encrypted using CA Private Key serves as the Digital signature of the CA!
Hi Chetan Loved your clear explanation and also when i try to open the link i'm receiving 404 , can you lemme know when it works ?
Hi Abhishek,
www.awswithchetan.com should work. Can you please check and let me know if it doesn’t.
It still doesn't work
@@testercoder436Can you please share which link are you trying? You can also send it over an email to awswithchetan@gmail.com
Can you please share which link are you trying? You can also send it over an email to awswithchetan@gmail.com
Thanks for the video. Unable to get 50% discounted course link. Its ending up in 404 error. Can you please verify and fix it. also please share the coupon code for 50% discount
@mcprams Not sure what's the problem. Can you try again? Use code: EBIRD for US, ERLYBRD for India, ERBIRD for UK. Course link: www.awswithchetan.com/courses/AWS-VPC-and-Networking