Last modified by Erik Bakker on 2024/08/26 12:58
From version 1.1
edited by Erik Bakker
on 2022/06/12 09:53
Change comment: There is no comment for this version
To version 2.1
edited by Erik Bakker
on 2022/06/12 09:56
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -novice-securing-your-data-traffic-what-are-certificates
1 +What are certificates
Content
... ... @@ -1,9 +1,4 @@
1 1  {{container}}{{container layoutStyle="columns"}}(((
2 -
3 -
4 -
5 -# What are certificates
6 -
7 7  In this microlearning, we will focus on what certificates are and will relate this to how you could use them to secure your data traffic.
8 8  
9 9  Should you have any questions, please contact academy@emagiz.com.
... ... @@ -11,10 +11,10 @@
11 11  * Last update: April 22th, 2021
12 12  * Required reading time: 7 minutes
13 13  
14 -## 1. Prerequisites
9 +== 1. Prerequisites ==
15 15  * Basic knowledge of the eMagiz platform
16 16  
17 -## 2. Key concepts
12 +== 2. Key concepts ==
18 18  This microlearning centers around what are certificates.
19 19  
20 20  By certificates we mean: A trustworthy document that is interchanged between parties to verify that both parties are who they claim to be
... ... @@ -30,7 +30,7 @@
30 30  
31 31  
32 32  
33 -## 3. What are certificates
28 +== 3. What are certificates ==
34 34  
35 35  In this microlearning, we will focus on what certificates are and will relate this to how you could use them to secure your data traffic.
36 36  
... ... @@ -47,7 +47,7 @@
47 47  
48 48  * What are certificates used for?
49 49  
50 -### 3.1 What are certificates used for?
45 +=== 3.1 What are certificates used for? ===
51 51  
52 52  One application of the use of certificates lies in the authentication. With certificates in this form, you have a method of verifying that the person that claims to be a certain individual is indeed that individual. One application lies in the encryption of data when it is being exchanged between two parties. This ensures that an independent third party cannot see what data is exactly exchanged between these two parties.
53 53  
... ... @@ -74,7 +74,7 @@
74 74  
75 75  To recap, you have a server certificate (belonging to the party that receives the request) and you have a client certificate (belonging to the party that executes the request). With the help of a client certificate, a server can limit who can gain access to the server based on the certificate they provide at the door. If a server is publicly accessible but makes use of a certificate we say the connection is secured with the help of one-way SSL (HTTPS traffic). If the server requires a client certificate we talk about two-way SSL.
76 76  
77 -### 3.2 What if I want to use a self-signed certificate?
72 +=== 3.2 What if I want to use a self-signed certificate? ===
78 78  
79 79  There is no technical requirement to always use certificates that are signed by a CA. Another approach is to create a self-signed certificate. This way the party that receives the request will look in the so-called truststore. The truststore houses all certificates (public keys) of trusted parties.
80 80  
... ... @@ -84,7 +84,7 @@
84 84  
85 85  The combination of such a private key and a public key is called a key pair.
86 86  
87 -### 3.3 How to get your key signed by a trusted party
82 +=== 3.3 How to get your key signed by a trusted party ===
88 88  
89 89  In some cases, an external party with whom we do business asks us to manage the certificate but has the requirement that the certificate that we have created and manage needs to be signed by a trusted party before it can be used in the field. To do you need to create a certificate signing request. You can do this with the help of tools such as Keystore Explorer, more on the technical details in a later microlearning.
90 90  
... ... @@ -92,17 +92,17 @@
92 92  
93 93  After you have configured this correctly you should secure it via a password and save it. From here on you can create a certificate signing request (CSR). After a while, you will get a response back from the CA. You can link this to your keypair via an Import CA Reply. The result can be seen in Keystore Explorer.
94 94  
95 -### 3.4 Encryption
90 +=== 3.4 Encryption ===
96 96  
97 97  To ensure encryption the client locks the data with the help of the public key in a format that can only be read by the intended party. At that point, only the party that has the matching private key has the option to decrypt the message and process it.
98 98  
99 99  
100 100  
101 -## 4. Assignment
96 +== 4. Assignment ==
102 102  
103 103  Read up on certificates and how they work in communication with other parties and see if you get what the function of certificates is.
104 104  
105 -## 5. Key takeaways
100 +== 5. Key takeaways ==
106 106  
107 107  * Certificates are all about trust
108 108  * When a certificate is trusted by a CA it is natively trusted by others
... ... @@ -111,13 +111,12 @@
111 111  
112 112  
113 113  
114 -## 6. Suggested Additional Readings
109 +== 6. Suggested Additional Readings ==
115 115  
116 116  If you are interested in this topic and want more information on it please read the release notes provided by eMagiz
117 117  
118 -## 7. Silent demonstration video
113 +== 7. Silent demonstration video ==
119 119  
120 120  {{video url="https://youtu.be/7TxZGQKXZnQ" attachment="Certificates * The Adventure" videoPoster="http://i.imgur.com/Ot5DWAW.png"/}}
121 121  
122 122  )))((({{toc/}}))){{/container}}{{/container}}
123 -