

What Does the User See?

When a user browses to a secure site, they see a change in the browser address bar. The protocol part of the URL changes to ‘HTTPS’ and a padlock or shield icon usually appears. If the trusted ‘master’ certificate of the NBA is installed on the client machine, the user sees no change in the look or behavior of the site. If the user clicks the padlock or shield icon, they can view the certificate of the web site. This certificate looks very similar to the original certificate from the web site, except that the certificate signer will be ‘CA DataMinder’ (you can customize this name).
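The same signer check can be scripted from a client machine to confirm which connections the decoder is re-signing. This is an added example, not CA DataMinder code; it assumes the signer name appears as the issuer commonName, and the helper names and sample certificates are constructed for illustration.

```python
import socket
import ssl

# Default signer name given on this page; it is customizable per deployment.
DECODER_SIGNER = "CA DataMinder"

def name_field(rdns, key):
    """Return the first value for `key` in a getpeercert()-style name."""
    for rdn in rdns:
        for k, v in rdn:
            if k == key:
                return v
    return None

def classify(cert, signer=DECODER_SIGNER):
    """Summarise who signed the certificate the client actually received."""
    issuer_cn = name_field(cert.get("issuer", ()), "commonName")
    return {
        "site": name_field(cert.get("subject", ()), "commonName"),
        "issuer": issuer_cn,
        # Assumption: the signer name is carried in the issuer commonName.
        "re_signed_by_decoder": issuer_cn == signer,
    }

def fetch_cert(host, port=443, timeout=5):
    """Fetch the validated peer certificate as seen from this client."""
    # Validates against the trust store this Python installation uses.
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed samples in the shape ssl.SSLSocket.getpeercert() returns.
SAMPLE_DECODED = {
    "subject": ((("commonName", "shop.example"),),),
    "issuer": ((("organizationName", "Example Corp"),),
               (("commonName", "CA DataMinder"),)),
}
SAMPLE_DIRECT = {
    "subject": ((("commonName", "shop.example"),),),
    "issuer": ((("organizationName", "Example Public CA"),),
               (("commonName", "Example Public CA R1"),)),
}

if __name__ == "__main__":
    for cert in (SAMPLE_DECODED, SAMPLE_DIRECT):
        print(classify(cert))
```

`fetch_cert` completes the handshake only when the NBA master certificate is in the trust store Python validates against; pass a different `signer` to `classify` if the name has been customized.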

Invalid Certificates

If the user browses to an HTTPS site that presents an invalid certificate, the address bar may turn red and the main content window shows a warning message. This message permits the user to ignore the warning and continue browsing to the site. The same happens if the NBA is decrypting the network traffic. The error in the site’s certificate is replicated in the certificate supplied by the NBA to the client’s browser.

Extended Validation (EV) or High Assurance Certificates

Extended Validation (EV) or High Assurance certificates are issued to web sites by certain Certificate Authorities. They are issued to sites only after additional checks to verify the identity of the owner of the site. The browser contains a list of these Certificate Authorities. If the root certificate of a particular web site is in the list, the address bar in the browser turns green and shows the Certificate Authority name. When using the NBA SSL decoder, such sites are decoded correctly but are displayed with the standard browser address bar (with a white background).