3 Replies Latest reply on May 2, 2013 8:26 AM by EJP

    SSL ciphers and algorithms

    radiatejava
      Hello experts,
      I have a fundamental SSL question - what I want to know is whether the ciphers and algorithms mentioned in certificates are used in SSL communication or not? For example, in a sample certificate, I can see Signature Algo=sha1RSA, Signature hash=SHA1, public key=RSA Encryption etc. I want to know whether any of these ciphers/algos are used while establishing the SSL connection. At what stage, which one of these from the certificate is used? Or is it that the SSL negotiation does not involve these algos and only selects from what the platform supports.
        • 1. Re: SSL ciphers and algorithms
          radiatejava
          I am surprised to see no response here. Any update?
          • 2. Re: SSL ciphers and algorithms
            gimbal2
            radiatejava wrote:
            I am surprised to see no response here. Any update?
            Your question is not in any way a Java programming question but a basic SSL theory question. Plenty of research material available, you just have to go out and find it and read it.
            • 3. Re: SSL ciphers and algorithms
              EJP
              For example, in a sample certificate, I can see Signature Algo=sha1RSA, Signature hash=SHA1, public key=RSA Encryption etc. I want to know whether any of these ciphers/algos are used while establishing the SSL connection.
              The certificate's own signature is checked on receipt, and the server sends another digital signature signed with its own private key which is also verified by the client, which proves that the server really owns that certificate. After that, the two sides negotiate a symmetric session key. Under some cipher suites that negotiation can also involve the server certificate. Once the session key is established the certificates and their algorithms and keytypes play no further role.

              As it says in RFC 2246.
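
An added example, not part of any reply in this thread: a small Python sketch that splits an RFC 2246 (TLS 1.0) cipher suite name and reports where each certificate field from the question is used and which algorithms come from the negotiated suite instead. The function names, the `KEY_EXCHANGE` table and `SAMPLE_CERT` are constructed for illustration; export suites and later TLS versions are not covered.

```python
# Added illustration, not from the thread. Suite names follow RFC 2246 (TLS 1.0).
# Key exchange -> (key type the certificate must carry, how that key is used).
KEY_EXCHANGE = {
    "RSA":     ("RSA", "client encrypts the premaster secret to the certificate's public key"),
    "DHE_RSA": ("RSA", "server signs its ephemeral DH parameters; client verifies with the certificate's key"),
    "DHE_DSS": ("DSS", "server signs its ephemeral DH parameters; client verifies with the certificate's key"),
    "DH_RSA":  ("DH",  "certificate carries the server's fixed DH public key"),
    "DH_DSS":  ("DH",  "certificate carries the server's fixed DH public key"),
    "DH_anon": (None,  "no certificate is sent"),
}

def split_suite(name):
    """Split TLS_<kx>_WITH_<cipher>_<mac> into its three negotiated parts."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError("not a TLS 1.0 style suite name: " + name)
    kx, rest = name[len("TLS_"):].split("_WITH_", 1)
    cipher, _, mac = rest.rpartition("_")
    if kx not in KEY_EXCHANGE or not cipher:
        raise ValueError("unsupported suite in this sketch: " + name)
    return kx, cipher, mac

def certificate_role(cert, suite):
    """Describe where each certificate field from the question is (or is not) used."""
    kx, cipher, mac = split_suite(suite)
    need, use = KEY_EXCHANGE[kx]
    if need is not None and cert["public_key"] != need:
        raise ValueError("%s needs a %s certificate key, got %s"
                         % (suite, need, cert["public_key"]))
    return {
        # The issuer's signature on the certificate is verified during validation only.
        "signature_algorithm": "checked once, when the client validates the certificate"
                               if need else "unused",
        "public_key": use,
        "bulk_cipher": cipher + " (from the suite, not the certificate)",
        "record_mac": mac + " (from the suite, not the certificate)",
    }

# Constructed sample mirroring the fields quoted in the question.
SAMPLE_CERT = {"signature_algorithm": "sha1RSA", "public_key": "RSA"}

if __name__ == "__main__":
    for s in ("TLS_RSA_WITH_RC4_128_SHA", "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"):
        print(s, certificate_role(SAMPLE_CERT, s))
```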