I’ve read several articles about HTTPS recently. HTTPS refers to a number of terms including symmetric encryption, asymmetric encryption, hash encryption, middle man, digital signature, CA, digital certificate. Do not know the students to baidu. (A full description can be found at juejin.cn/post/684490…) The authentication process of HTTPS is the same as the authentication process of HTTPS. The authentication process of HTTPS is the same as that of HTTPS.
- The server A applies for A digital certificate with its own personal information from the third-party authentication authority (CA). The certificate has A digital signature. The signature is generated by the CA using its own private key to encrypt A’s personal information asymmetrically using the summary algorithm (WIDELY used RSA).
- Client B gets the digital certificate provided by server A and obtains the digital signature and the summary algorithm of user A’s personal information. Then, CA’s public key is used for asymmetric decryption of the digital signature, and the obtained information is compared with the personal information in A’s digital certificate by the same summary algorithm. If the same, it is believed that the digital certificate is indeed A valid certificate authenticated by CA.