How Does SSL Work in Apache | SSL Configuration on Apache
SSL (Secure Sockets Layer) = cryptographic protocol which provides secure communications on the Internet (application layer) [TLS (Transport Layer Security) = SSL successor. SSL 3.0 and TLS 1.0 remain substantially the same]
HTTPS = HTTP over SSL
HTTPS = URI scheme indicating that HTTP is to be used, but with a different default port (443) and an additional encryption/authentication layer (SSL) between HTTP and TCP. It uses SSL as a sub-layer under the regular HTTP application layer and uses port 443 in its interactions with the lower layers. It only protects the data in transit between the client and the server (not on the server itself). HTTPS supports the use of X.509 digital certificates from the server so that a user can authenticate the server.
- 1-way SSL (server certificate): Only the server uses a certificate, i.e. server authentication but no client authentication.
- 2-way SSL (client & server certificate): Authentication of both.
How does SSL work:
- The browser requests a secure page (https:// …)
- The web server sends its public key with its certificate
- The browser checks that the certificate was issued by a trusted third party (CA), that the certificate is valid and that the certificate is related to the site contacted.
- The browser then uses the public key to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
- The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and the http data.
- The browser decrypts the http data and html document using the symmetric key and displays the information.
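The certificate checks and the key transport from the steps above, reproduced offline with the openssl command line. This is an added example, not part of the original page; the host name www.example.test, both CAs and all keys are constructed test values, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: every key, certificate and host name below is a constructed test value.
set -eu
WORK=$(mktemp -d)
HOST=www.example.test   # placeholder site name (assumption)

make_pki() {   # throwaway CA, a server certificate it signs, and an unrelated CA
  ( cd "$WORK"
    printf '[req]\ndistinguished_name=dn\nx509_extensions=v3\nprompt=no\n' > pki.cnf
    printf '[dn]\nCN=Constructed Test CA\n[v3]\nbasicConstraints=critical,CA:TRUE\n' >> pki.cnf
    printf 'subjectAltName=DNS:%s\n' "$HOST" > san.ext
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config pki.cnf \
      -keyout ca.key -out ca.pem
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config pki.cnf \
      -subj "/CN=Unrelated Test CA" -keyout other.key -out other.pem
    openssl req -new -newkey rsa:2048 -nodes -config pki.cnf \
      -subj "/CN=$HOST" -keyout server.key -out server.csr
    openssl x509 -req -in server.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
      -days 1 -extfile san.ext -out server.pem
  ) >/dev/null 2>&1
}

check_cert() {   # usage: check_cert CERT CA_FILE HOSTNAME ; prints the first failed check
  # 1. chain ends at a CA we trust (this also rejects out-of-date certificates)
  openssl verify -CAfile "$2" "$1" >/dev/null 2>&1 || { echo "chain not trusted"; return 1; }
  # 2. certificate has not expired
  openssl x509 -in "$1" -noout -checkend 0 >/dev/null || { echo "expired"; return 1; }
  # 3. certificate was issued for the site being contacted
  openssl x509 -in "$1" -noout -checkhost "$3" 2>&1 | grep -q "does match certificate" \
    || { echo "hostname mismatch"; return 1; }
  echo "ok"
}

key_transport() {   # browser wraps a random symmetric key; only the private key unwraps it
  openssl x509 -in "$WORK/server.pem" -noout -pubkey > "$WORK/server.pub"
  openssl rand -hex 16 > "$WORK/sym.key"
  openssl pkeyutl -encrypt -pubin -inkey "$WORK/server.pub" \
    -in "$WORK/sym.key" -out "$WORK/sym.enc"
  openssl pkeyutl -decrypt -inkey "$WORK/server.key" \
    -in "$WORK/sym.enc" -out "$WORK/sym.dec"
  cmp -s "$WORK/sym.key" "$WORK/sym.dec"
}

make_pki
check_cert "$WORK/server.pem" "$WORK/ca.pem" "$HOST"
check_cert "$WORK/server.pem" "$WORK/other.pem" "$HOST" || true
check_cert "$WORK/server.pem" "$WORK/ca.pem" other.example.test || true
key_transport && echo "symmetric key recovered by the server"
```

Current TLS versions agree on the session key with ephemeral Diffie-Hellman instead of RSA key transport (TLS 1.3 removed it), but the three certificate checks are unchanged.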
In short:
Browser -----> Web Server
1. SSL Certificate matching
2. Encryption at Browser side using Public Key (URL + http Data)
3. Decryption at Web server side using Private Key (URL + http Data)