SSL, Authentication, and Certificates

Secure Sockets Layer (SSL), including TLS, provides secure communications between computer programs. SSL helps ensure that communications have the following properties:

Participants authenticate each other by using X.509 certificates. An X.509 certificate is an electronic document that links the certificate owner's address with a public key. The certificate is not forgeable.

SSL works on a client/server model and uses PKI (public key infrastructure). When a client receives an X.509 certificate from a server, it checks whether the certificate is valid. If the certificate is valid, the client knows that the server is the program or user that it purports to be, so the server is authenticated. Also, if the client uses the certificate's public key to encrypt data, only the server, which holds the matching private key, can decrypt that data, so the data is secure. Conversely, the server uses the X.509 certificate it receives from a client in the same way.
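The following is an added example, not code from the original page or the product it documents. It uses Python's standard `ssl` module to show a client context that validates the server certificate, a server context that requires a client certificate, and a context that skips validation, with a small helper that flags the difference. All function names are hypothetical.

```python
import ssl

def strict_client_context(ca_file=None):
    """Client side: validate the server's certificate chain and its name."""
    # create_default_context(SERVER_AUTH) sets CERT_REQUIRED and check_hostname=True.
    # ca_file is an optional path to a private CA bundle (assumption: PEM format).
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)

def mutual_server_context():
    """Server side: require and validate a certificate from the client."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = ssl.CERT_REQUIRED  # handshake fails without a valid client cert
    # A deployment would also call ctx.load_cert_chain(...) for the server's own
    # certificate and ctx.load_verify_locations(...) for the CA that issues
    # client certificates; omitted here because no files exist in this example.
    return ctx

def weak_client_context():
    """Anti-pattern: traffic is encrypted, but the server is never authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before CERT_NONE is accepted
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit_context(ctx, is_client):
    """Return a list of findings for a context that does not authenticate its peer."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate is not required and validated")
    # Name matching only applies to the side that connects to a named server.
    if is_client and not ctx.check_hostname:
        findings.append("certificate is not matched against the server name")
    return findings

if __name__ == "__main__":
    cases = [
        ("strict client", strict_client_context(), True),
        ("mutual-auth server", mutual_server_context(), False),
        ("weak client", weak_client_context(), True),
        ("default server", ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER), False),
    ]
    for name, ctx, is_client in cases:
        print(name, "->", audit_context(ctx, is_client) or "ok")
```

A server context created without setting `verify_mode` authenticates only in one direction: the client checks the server, but the server accepts any client.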