Hello,

> Can anyone help me to identify the certificate requirement for the
> below scenario
>
> We are planning to implement ssl for our b2b product
>
> Server : Apache webserver
> Client : JAVA based Product (not browser)
>
> 1. Server should authenticate the client.
> 2. Client should authenticate the server.
> 3. Server should encrypt and decrypt the message
> 4. Client should encrypt and decrypt the message
>
> Now for Point 2 to 3 (server side certificate) my understanding is
> a. I should generate private key, csr and then get it signed from
> authorities like verisign.
> b. Place the private key and the certificate at the server side
> c. Place the certificate (publickey+certificate) and root certificate
> at client side
> The server will decrypt and encrypt the messages using its private
> key, the client will authenticate the server and encrypt and decrypt
> the message using server's public key + certificate.
>
> Now if I have to implement point 1 (server authenticating the client) do
> I have to get another certificate for the client?
> If I have a separate certificate for the client I have to have a private
> key also for the client. In that case how does the encryption, decryption
> happen?
>
> In my client (JAVA based Product) if I have to enable the ssl for
> point 1 I have to specify the client certificate and the private
> key (it expects the client certificate and private key). In that case
> both client and server will have their own private key. I am a little
> confused how encryption and decryption will happen if both client and
> server have their own private key?
>
> Can anyone help me to clarify the above.

In SSL, the server RSA private_key/server_certificate is used to securely transport from client to server 48 bytes of random data called pre_master_secret, from which keys for symmetrical encryption algorithms (DES, AES) and message digest functions (MD5, SHA1) are created.
This means that encryption/decryption of real application data is performed by symmetrical encryption, not RSA. In short:
- server sends server_certificate to client
- client checks server_certificate (with root CA)
- client encrypts random 48 bytes with server_certificate and sends to server
- server decrypts this data with server private_key and gets 48 random bytes from client
- both sides calculate keys for encryption, MAC verification

The server proves having the proper private key by generating proper symmetrical keys (identical with the client's).

Client_private_key/client_certificate is used only for client authentication. If the server is configured to request client authentication then a special packet is sent from server to client requesting the client certificate (certificate_request); in response the client sends to the server his certificate (in a certificate packet) and a special packet called certificate_verify which has special data encrypted with the client private key. The server verifies the client certificate (with root CA), decrypts data from the certificate_verify packet using the client certificate, calculates its own data, compares this and if this equals - the client is authenticated by the server. Of course this proves only that the client has client_private_key/client_certificate. From now on, the client key/certificate is not used.

Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]