What is CA certificate, and why do we need it?

Asked 15/10, 2016 at 16:5 Answered 25/4, 2020 at 6:56

I've just read this article about what is HTTPS service, and understand the basic of https.

When requesting https content, the server will send a public key to browser, so that every time, the browser receive data will decrypted with the public key.

My question is what is CA certificate for? Why do we need it?

Musculature answered 15/10, 2016 at 16:5 Comment(6)

You don't. Check out Let's Encrypt. – Vanna 15/10, 2016 at 16:10

@Vanna Why there is an Authority? My understanding is that, https is point to point, strictly between 2 parties. – Musculature 15/10, 2016 at 16:15

Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Information Security Stack Exchange would be a better place to ask. Also Where do I post questions about Dev Ops?. – Vc 15/10, 2016 at 18:56

@Vanna Lets Encrypt still has a CA - the “difference” about LE is that a) it’s free, and b) it’s automatically renewed (or if you can’t automatically it’s probably not worth bothering) - so a double win! – Rodrigues 9/10, 2019 at 19:17

@NicolasS.Xu SSL certificate come with a public key, then you can use it in HTTPS connection. However, it is not recommended to trust SSL certificates that are not signed by recognised CAs. It is because reputable web-sites are most likely asking recognised CAs to sign their certificates. Average crackers do not do that. – Cheetah 28/1, 2022 at 7:58

@Vc You said: "This question appears to be off-topic because it is not about programming or development." Disagree. IMO it is quite on-topic and very much programming/development related. Every IT/deops/etc problem starts with development of software (and/or hardware) solution - using some computation algorithms and protocols. Information privacy and security is especially science-dense programming specialization with potentially high stakes. – Renaissance 5/5, 2023 at 10:16

A CA certificate is a digital certificate issued by a certificate authority (CA), so SSL clients (such as web browsers) can use it to verify the SSL certificates sign by this CA.

For example, stackoverflow.com uses Let's Encrypt to sign its servers, and SSL certificates sent by stackoverflow.com mention they are signed by Let's Encrypt. Your browser contains the CA certificate from Let's Encrypt and so the browser can use that CA certificate to verify the stackoverflow's SSL certificate and make sure you are indeed talking to real server, not man-in-the-middle.

https://security.stackexchange.com/a/20833/233126 provides a more detail explanation about how TLS/SSL certificates work.

Cheetah answered 25/4, 2020 at 6:56 Comment(0)

Signature, Certificate

[Encoding Encryption Hashing]

[ASN.1, DER, PEM]

Digital Signature

Digital signature - ensures that some data(like message, document, file...) is sent by the intended side - verify Integrity, authenticity, Non-repudiation. Digital signatures can be attached(data is a part of signature) or detached^[Example](data is not a part of signature and they are transported separately) to message.

//Create a signature by owner
1. owner of asymmetric key pair(private/public keys)
2. calculate a check sum of data: Message(M) -> Hash message by some hash algorithm -> message digest(MD1)
3. encode(**sign**) calculated check sum: encrypt message digest(MD1) by private key -> Digital signature(DS)

//Check a signature
1. calculate a check sum of data: Message(M) -> Hash message by some hash algorithm -> message digest(MD2)
2. decode(**verify**) digital signature: decrypt Digital signature(DS) by owner's public key -> message digest(MD1)
3. compare check sums from step 1 and 2: is MD2 == MD1

Digital Certificate

Certificate - is a file which contains owner's public key and other owner's info. This file is signed by Certificate Authority(CA) with digital signature - the entire certificate is converted to .der and hash sum is calculated

Subject - owner' data(from CSR)
Issuer - CA who issued a certificate
Serial Number - CA's unique identifier
Valid From/To 

Public Key
Signature Algorithm
Signature Value

version
extension

//fingerprint - it is not a part of certificate, which is calculated by demand and can be used as unique identifier. It is a hash of the entire certificate in DER(.der) format
...

certificate authority(CA) certificate guarantees that you are who you are.

Public certificate authority(CA)
Private certificate authority(CA)

Self-signed certificate is a certificate which is not issued by certificate authority(CA) and where subject name is equals issuer name. Please note that Root certificate is self signed.

You are able to create Self-signed certificate on Mac:

Keychain Access -> Certificate Assistant -> Create a Certificate

mySelfSignedCertificate.pem

Verified certificate is a certificate which is a part of trusted certificate chains, where root certificate already was added in your keychain(trusted store)(by System, browser, you...)

Chain of trust (Certificate chain) - is a hierarchy of certificates to validate an issuer. Every certificate in this hierarchy is signed and issued by patent certificate

Root(trust anchor) Certificate - [Intermediate(subordinate, issuing) Certificate] - End-user(end-entity, leaf, subscriber) Certificate

Root certificate - signs and issues only Intermediate certificates.
Intermediate certificate - signs and issues other Intermediate certificate and End-user Certificate.
End-user certificate - cannot sign and issue certificates.

[OpenSSL verify certificate chain]

Mac Keychain propose you next certificate validation options:

//System trust
This certificate is valid

//Manually added self-signed certificate and manually trusted
This certificate is masked as trusted for this account

//Manually added self-signed certificate
This certificate has not been verified by a third party

Validation/verification algorithm - Since child certificate is signed by parent(using parent's private key) and root certificate is self signed, and every child certificate has a link to it's parent(child's Issuer name equals to parent's Subject name) and root's certificate Issuer name equals to root's certificate Subject name. It means that the simplest way(without extensions and it's constraints) is just name matching. Don't forger that root certificate is usually pre-downloaded and intermediate and user-ended are usually downloaded during handshake

Charles Proxy uses self-signed certificate to sniff a traffic using Man-in-the-middle(MITM) proxy - Https ProxyServer

client - with added Charles Certificate and encrypt messages by Charles public key
Https ProxyServer - has Server's Certificate and proxy message and encrypt it by Server public key
Server

SSL Pinning is a mechanism when a client during handshake check/validate a retrieved certificate and compare it with local copy and fail the connection if it is not verified

[Certificate Signing Request(CSR)] - Info with a public key and other data which is send to CA

Frowsty answered 12/12, 2019 at 14:41 Comment(2)

The parts of this diagram about asymmetric encryption are irrelevant, or wrong if they refer to TLS. – Knucklebone 25/4, 2020 at 7:8

@MarquisofLorne, could you please provide some resources where I can draw about it ? – Frowsty 3/12, 2020 at 20:54

Most certificates do not cost $800 and CAs such as Let's Encrypt are free (at the cost of added inconvenience of periodic and often renewals)

The issue is why would the client trust that the server is the correct server? The answer is that an authority, a CA, issues and vouches for the server certificate. In some manner the CA, verifies the certificate requester. Then the CA provides a public interface to verify a certificate's authenticity. The CA must be know to the client that that is achieved by the OS and/or in the case the browser may also have embedded CAs.

Shoon answered 15/10, 2016 at 18:54 Comment(0)

Recommended topics

Hot tags