HTTPS 如何接受证书?
最佳答案
非常简单地讲了一个小故事:
Client : (Connects to the server and, sticks out it's hand) "Hello! Here are my encryption details."
Server : (Takes hand of the client) "Hello. Here are my encryption details. Here is my certificate." (Handshake negotiation complete. Client check the cerificate)
Client : Great, here's my key! So from now on everything is encrypted using this key. OK?
Server : OK! (SSL Handshake complete)
Client : Great, Here comes my data over HTTP!!
Certificates用于 SSL handshake .服务器交给客户端的证书是signed通过 Certificate Authority (CA) 类似于 VeriSign,并且特定于服务器。 SSL 握手中会进行各种检查。需要了解的重要事项之一是证书的 Common Name 属性必须与服务器的主机/DNS 名称相匹配。
客户端有一份 CA 的 public certificate (key)因此可以使用它(例如用 SHA1 计算)来查看服务器的证书是否仍然正常。
关于ssl - HTTPS 和证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5603052/