Comments on: Apache and SSL http://www.karkomaonline.com/index.php/2003/07/apache-and-ssl/ a Blog for SysAdmins and Unix stuff in general Tue, 13 Sep 2011 05:10:07 +0000 hourly 1 http://wordpress.org/?v= By: karkoma http://www.karkomaonline.com/index.php/2003/07/apache-and-ssl/comment-page-1/#comment-11 karkoma Mon, 19 Apr 2004 16:39:15 +0000 http://www.karkoma.info/index.php/2003/07/13/apache-and-ssl/#comment-11 <p>*.crt files mentioned in the article are PEM encoded. And are recognized by Apache. DER enconded certs are converted to PEM format issuing something like this:</p> <blockquote>openssl x509 -inform DER -in cert.crt -outform PEM -out cert.der</blockquote> *.crt files mentioned in the article are PEM encoded. And are recognized by Apache. DER enconded certs are converted to PEM format issuing something like this:

openssl x509 -inform DER -in cert.crt -outform PEM -out cert.der

]]> By: morpheo http://www.karkomaonline.com/index.php/2003/07/apache-and-ssl/comment-page-1/#comment-10 morpheo Tue, 18 Nov 2003 02:15:14 +0000 http://www.karkoma.info/index.php/2003/07/13/apache-and-ssl/#comment-10 <p>Very interesting article indeed. Let me enlighten one point (quotation from webdav howto).</p> <p>...</p> <blockquote>Anything encrypted with Private Key can only be decrypted by using the Public Key. Similarly anything encrypted using the Public Key can only be decrypted using the Private Key. There is a common mis-conception that only the Public Key is used for encryption and Private Key is used for decryption. This is not case. Any key can be used for encryption/decryption. However if one key is used for encryption then the other key must be used for decryption. e.g. A message can not encrypted and then decrypted using only the Public Key. Using Private Key to encrypt and a Public Key to decrypt ensures the integrity of the sender (owner of the Private Key) to the recipients. Using Public Key to encrypt and a Private Key to decrypt ensures that only the inteded recipient (owner of the Private Key) will have access to the data.(i.e. only the person who holds the Private Key will be able to decipher the message). <strong>Symmetric Cryptography</strong>: Actual transmission of data: After the SSL connection has been established, Symmetric cryptography is used for encrypting data as it uses less CPU cycles. In symmetric cryptography the data can be encrypted and decrypted using the same key. The Key for symmetric cryptography is exchanged during the initiation process, using Public Key Cryptography. <strong>Message Digest</strong>: The server uses message digest algoritm such as HMAC, SHA-1, MD5 to verify the integrity of the transferred data.</blockquote> <p>...</p> <p>Great article!</p> Very interesting article indeed. Let me enlighten one point (quotation from webdav howto).

Anything encrypted with Private Key can only be decrypted by using the Public Key. Similarly anything encrypted using the Public Key can only be decrypted using the Private Key. There is a common mis-conception that only the Public Key is used for encryption and Private Key is used for decryption. This is not case. Any key can be used for encryption/decryption. However if one key is used for encryption then the other key must be used for decryption. e.g. A message can not encrypted and then decrypted using only the Public Key.

Using Private Key to encrypt and a Public Key to decrypt ensures the integrity of the sender (owner of the Private Key) to the recipients. Using Public Key to encrypt and a Private Key to decrypt ensures that only the inteded recipient (owner of the Private Key) will have access to the data.(i.e. only the person who holds the Private Key will be able to decipher the message).

Symmetric Cryptography: Actual transmission of data: After the SSL connection has been established, Symmetric cryptography is used for encrypting data as it uses less CPU cycles. In symmetric cryptography the data can be encrypted and decrypted using the same key. The Key for symmetric cryptography is exchanged during the initiation process, using Public Key Cryptography.

Message Digest: The server uses message digest algoritm such as HMAC, SHA-1, MD5 to verify the integrity of the transferred data.

Great article!

]]>