

Microsoft Windows HTTP Services (WinHTTP) supports Secure Sockets Layer (SSL) transactions, including client certificates. This topic explains the concepts involved in an SSL transaction and how they are handled using WinHTTP.

SSL is an established standard for ensuring secure HTTP transactions. SSL provides a mechanism to perform up to 128-bit encryption on all transactions between the client and server. It enables the client to verify that the server belongs to a trusted entity through the use of server certificates. It also enables the server to confirm the identity of the client with client certificates.

Each of these issues (encryption, server identity, and client identity) is negotiated in the SSL handshake that occurs when a client first requests a resource from a Secure Hypertext Transfer Protocol (HTTPS) server. Essentially, the client and server each present a list of required and preferred settings. If a common set of requirements can be agreed upon and met, an SSL connection is established.

WinHTTP provides a high-level interface for using SSL. While the details of the SSL handshake and transaction are handled internally, WinHTTP enables you to retrieve encryption levels, specify the security protocol, and interact with server and client certificates. The following sections provide details on creating WinHTTP-based applications that select an SSL protocol version, examine server certificates, and select client certificates to send to HTTPS servers.

Server certificates are sent from the server to the client so that the client can obtain a public key for the server and ensure that the server has been verified by a certification authority. Certificates can contain different types of data. For example, an X.509 certificate includes the format of the certificate, the serial number of the certificate, the algorithm used to sign the certificate, the name of the certification authority (CA) that issued the certificate, the name and public key of the entity that requests the certificate, and the CA's signature.
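The X.509 fields this page lists (format version, serial number, signature algorithm, issuer name, subject name and public key, and the CA's signature) can be read directly out of a certificate's DER encoding. The following Python walker is an added example, not code from the original page or from WinHTTP; every function name and `SAMPLE` are assumptions, and the sample certificate is constructed with dummy key and signature bytes, so it shows the layout only and performs no trust validation.

```python
# Added example. tlv() only builds the constructed SAMPLE (dummy key and signature bytes).
def tlv(tag, *parts):
    body = b"".join(parts)
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def read_tlv(buf, pos=0):              # -> (tag, content, next_pos) for the element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits give the length-byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(content):                 # bodies of the elements inside a SEQUENCE or SET
    out, pos = [], 0
    while pos < len(content):
        _, body, pos = read_tlv(content, pos)
        out.append(body)
    return out

def common_name(name):                 # Name -> CN string, or None if there is no CN
    for rdn in children(name):
        for typ, val in map(children, children(rdn)):
            if typ == b"\x55\x04\x03": # OID 2.5.4.3 (commonName)
                return val.decode()

def parse_certificate(der):
    tbs, _outer_alg, sig = children(read_tlv(der)[1])
    f = children(tbs)
    version = children(f.pop(0))[0][0] + 1 if tbs[0] == 0xA0 else 1  # [0] is omitted for v1
    serial, sig_alg, issuer, _validity, subject, spki = f[:6]
    return {"version": version, "serial": int.from_bytes(serial, "big"),
            "signature_algorithm_oid": children(sig_alg)[0].hex(),
            "issuer": common_name(issuer), "subject": common_name(subject),
            "public_key_bytes": len(children(spki)[1]) - 1,  # BIT STRING bodies start with
            "signature_bytes": len(sig) - 1}                 # an unused-bits count byte

def make_name(cn):                     # single-RDN Name holding only a CN
    return tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, b"\x55\x04\x03"), tlv(0x0C, cn.encode()))))

SIG_ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")), tlv(0x05))  # sha256WithRSAEncryption
KEY_ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")), tlv(0x05))  # rsaEncryption
SAMPLE = tlv(0x30, tlv(0x30,
        tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x10\x01"), SIG_ALG, make_name("Example Test CA"),
        tlv(0x30, tlv(0x17, b"250101000000Z"), tlv(0x17, b"260101000000Z")),
        make_name("www.example.test"), tlv(0x30, KEY_ALG, tlv(0x03, b"\x00" + b"\xaa" * 140))),
    SIG_ALG, tlv(0x03, b"\x00" + b"\x55" * 256))
```

`parse_certificate` also accepts real DER input, for example the bytes returned by `ssl.PEM_cert_to_DER_cert()` from the Python standard library.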
