Skip to Content

Changes for page What are certificates

Last modified by Erik Bakker on 2024/08/26 12:58
From version 6.1
edited by Carlijn Kokkeler
on 2024/08/21 15:34
Change comment: There is no comment for this version
To version 1.1
edited by Erik Bakker
on 2022/06/12 09:53
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -What are certificates
1 +novice-securing-your-data-traffic-what-are-certificates
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.CarlijnKokkeler
1 +XWiki.ebakker
Content
... ... @@ -1,12 +1,20 @@
1 1  {{container}}{{container layoutStyle="columns"}}(((
2 +
3 +
4 +
5 +# What are certificates
6 +
2 2  In this microlearning, we will focus on what certificates are and will relate this to how you could use them to secure your data traffic.
3 3  
4 4  Should you have any questions, please contact academy@emagiz.com.
5 5  
6 -== 1. Prerequisites ==
11 +* Last update: April 22th, 2021
12 +* Required reading time: 7 minutes
13 +
14 +## 1. Prerequisites
7 7  * Basic knowledge of the eMagiz platform
8 8  
9 -== 2. Key concepts ==
17 +## 2. Key concepts
10 10  This microlearning centers around what are certificates.
11 11  
12 12  By certificates we mean: A trustworthy document that is interchanged between parties to verify that both parties are who they claim to be
... ... @@ -20,8 +20,10 @@
20 20  * eMagiz to an external party
21 21  * External party to eMagiz
22 22  
23 -== 3. What are certificates ==
24 24  
32 +
33 +## 3. What are certificates
34 +
25 25  In this microlearning, we will focus on what certificates are and will relate this to how you could use them to secure your data traffic.
26 26  
27 27  Certificates can be used in many forms. Two distinct forms are:
... ... @@ -37,7 +37,7 @@
37 37  
38 38  * What are certificates used for?
39 39  
40 -=== 3.1 What are certificates used for? ===
50 +### 3.1 What are certificates used for?
41 41  
42 42  One application of the use of certificates lies in the authentication. With certificates in this form, you have a method of verifying that the person that claims to be a certain individual is indeed that individual. One application lies in the encryption of data when it is being exchanged between two parties. This ensures that an independent third party cannot see what data is exactly exchanged between these two parties.
43 43  
... ... @@ -64,7 +64,7 @@
64 64  
65 65  To recap, you have a server certificate (belonging to the party that receives the request) and you have a client certificate (belonging to the party that executes the request). With the help of a client certificate, a server can limit who can gain access to the server based on the certificate they provide at the door. If a server is publicly accessible but makes use of a certificate we say the connection is secured with the help of one-way SSL (HTTPS traffic). If the server requires a client certificate we talk about two-way SSL.
66 66  
67 -=== 3.2 What if I want to use a self-signed certificate? ===
77 +### 3.2 What if I want to use a self-signed certificate?
68 68  
69 69  There is no technical requirement to always use certificates that are signed by a CA. Another approach is to create a self-signed certificate. This way the party that receives the request will look in the so-called truststore. The truststore houses all certificates (public keys) of trusted parties.
70 70  
... ... @@ -74,7 +74,7 @@
74 74  
75 75  The combination of such a private key and a public key is called a key pair.
76 76  
77 -=== 3.3 How to get your key signed by a trusted party ===
87 +### 3.3 How to get your key signed by a trusted party
78 78  
79 79  In some cases, an external party with whom we do business asks us to manage the certificate but has the requirement that the certificate that we have created and manage needs to be signed by a trusted party before it can be used in the field. To do you need to create a certificate signing request. You can do this with the help of tools such as Keystore Explorer, more on the technical details in a later microlearning.
80 80  
... ... @@ -82,29 +82,32 @@
82 82  
83 83  After you have configured this correctly you should secure it via a password and save it. From here on you can create a certificate signing request (CSR). After a while, you will get a response back from the CA. You can link this to your keypair via an Import CA Reply. The result can be seen in Keystore Explorer.
84 84  
85 -=== 3.4 Encryption ===
95 +### 3.4 Encryption
86 86  
87 87  To ensure encryption the client locks the data with the help of the public key in a format that can only be read by the intended party. At that point, only the party that has the matching private key has the option to decrypt the message and process it.
88 88  
89 -== 4. Key takeaways ==
90 90  
100 +
101 +## 4. Assignment
102 +
103 +Read up on certificates and how they work in communication with other parties and see if you get what the function of certificates is.
104 +
105 +## 5. Key takeaways
106 +
91 91  * Certificates are all about trust
92 92  * When a certificate is trusted by a CA it is natively trusted by others
93 93  * In the case of self-signed certificates you need key stores and truststores to keep the private and public info secure
94 94  * With the help of a certificate signing request (CSR) you can let a CA sign your certificate
95 95  
96 -== 5. Suggested Additional Readings ==
97 97  
98 -* [[Novice (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Novice.WebHome||target="blank"]]
99 -** [[Securing Data Traffic (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.Securing Data Traffic.WebHome||target="blank"]]
100 -*** [[Sending certificates to a webservice (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.Securing Data Traffic.novice-securing-your-data-traffic-sending-certificates-to-a-webservice||target="blank"]]
101 -* [[Intermediate (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.WebHome||target="blank"]]
102 -** [[eMagiz Cloud Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.eMagiz Cloud Management.WebHome||target="blank"]]
103 -*** [[Certificates (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.eMagiz Cloud Management.intermediate-emagiz-cloud-management-certificates||target="blank"]]
104 -** [[REST Connectivity (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.REST Connectivity.WebHome||target="blank"]]
105 -*** [[Sending certificates to a REST web service (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.REST Connectivity.intermediate-rest-webservice-connectivity-certificates-when-calling-a-rest-webservice||target="blank"]]
106 -* [[RCA Knowledge Base (Menu)>>doc:Main.eMagiz Support.RCA Knowledge Base.WebHome||target="blank"]]
107 -** [[Runtime Issues (Navigation)>>doc:Main.eMagiz Support.RCA Knowledge Base.rca-knowledgebase-runtime-issues.WebHome||target="blank"]]
108 -*** [[Expiring Certificates (Explanation)>>doc:Main.eMagiz Support.RCA Knowledge Base.rca-knowledgebase-runtime-issues.rca-knowledgebase-expiring-certificates.WebHome||target="blank"]]
109 109  
114 +## 6. Suggested Additional Readings
115 +
116 +If you are interested in this topic and want more information on it please read the release notes provided by eMagiz
117 +
118 +## 7. Silent demonstration video
119 +
120 +{{video url="https://youtu.be/7TxZGQKXZnQ" attachment="Certificates * The Adventure" videoPoster="http://i.imgur.com/Ot5DWAW.png"/}}
121 +
110 110  )))((({{toc/}}))){{/container}}{{/container}}
123 +