- Report this article
Ehis Iribhogbe
Ehis Iribhogbe
Java Backend Engineer | Driving Innovation in Software Development | Springboot | Java | DevOps | Fintech | Technical Writer (Cloud)
Published Mar 13, 2023
+ Follow
Introduction
When you browse the web, you might have noticed that some websites have a padlock icon in the address bar, indicating that they are secure. This security is provided by TLS (Transport Layer Security) encryption, which ensures that your data is transmitted securely over the internet. However, how does your browser know that the TLS certificate presented by the web server is a legitimate one signed by a trusted Certificate Authority (CA)? In this article, we will discuss how web browsers determine if a TLS certificate presented by a web server is legitimate and has been signed by a trusted Certificate Authority (CA).
Prerequisites: A fundamental understanding of web browsers, Certificate Authorities, TLS certificates, and digital authentication process is necessary.
Let’s Go!
Each Certificate Authority has set of key pairs(Private and Public Keys). The Certificate Authority uses their private key to sign the Certificate, all the public keys are all built-in all the browsers. The browsers uses the public key of the Certificate Authority to validate the certificate was actually signed by the Verified Certificate Authority themselves.
When a web server presents a TLS certificate to a browser, the browser needs to verify that the certificate is legitimate and has been signed by a trusted certificate authority (CA). Here is a simplified overview of the process:
In summary, your browser uses a combination of checks and verification processes to ensure that the TLS certificate presented by a web server is legitimate and has been signed by a trusted CA. This helps to protect your online security and privacy by encrypting your connection to the website and preventing attackers from intercepting or tampering with your data.
Like
Celebrate
Support
Love
Insightful
Funny
26
3 Comments
Alexander Yurishchev
Software Developer
2mo
- Report this comment
a final brick in understanding TLS as such. Thanks)
1Reaction 2Reactions
Agron Xhuka
3mo
- Report this comment
excellent, very helpful :)
1Reaction 2Reactions
sanjeewa priyanath
Software Engineer | Java | Spring boot | Angular | 3 years
3mo
- Report this comment
clearly explained. Thank you
1Reaction 2Reactions
See more comments
To view or add a comment, sign in
Sign in
Stay updated on your professional world
Sign in
By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.
New to LinkedIn? Join now
Insights from the community
- Computer Networking How can you troubleshoot common HTTPS issues?
- Computer Science How can digital certificates ensure web application authenticity?
- OAuth What are the trade-offs between implicit grant flow and authorization code flow?
- Secure Sockets Layer (SSL) What are the best practices for configuring TLS false start in Chrome?
- Web Applications What are the steps to troubleshoot a web application that won't load?
- Web Application Design How do you balance performance and security when using third-party APIs and libraries in your web app?
- PKI What are the differences and similarities between X.509 certificates and other types of digital certificates?
- Web Technologies How do you use HTTPS and SSL certificates to secure your Angular web traffic?
- Authentication What are the pros and cons of session tokens vs cookies for security and performance?
- HTML5 How can you use HTML5 authentication for secure and user-friendly login?
Others also viewed
- Securing the Web, are we getting there? Mark Thomas 4y
- What happens when you type google.com in your browser and press Enter Valarie Muema 7mo
- Revoked Web Certificates Trusted by Google's Chrome Browser? Michael Y. 4y
- Looking Back at 2020 Bruce Morton 3y
- Explain the Difference Between HTTP and HTTPS - Pros and Cons Priyanka Yadav 1mo
- A diagram of what happens when you type google.com into a web browser and hit the enter key. Caroline Opiyo 1y
- What happens when you type a URL into your browser? Naman Verma 12mo
- Google marks HTTP as not secure Paul Higgins 6y
- HTTPS Everywhere plug-in no longer needed Feisty Duck 2y
- Google Rollout "Not Secure" Website Warnings Rebecca Kimber 5y
Explore topics
- Sales
- Marketing
- Business Administration
- HR Management
- Content Management
- Engineering
- Soft Skills
- See All