k8s.github.io

TLS Basics

• Take me to Video Tutorial

In this section, we will take a look at TLS Basics

Certificate

• A certificate is used to guarantee trust between 2 parties during a transaction.

• Example: when a user tries to access web server, tls certificates ensure that the communication between them is encrypted.

  

Symmetric Encryption

• It is a secure way of encryption, but it uses the same key to encrypt and decrypt the data and the key has to be exchanged between the sender and the receiver, there is a risk of a hacker gaining access to the key and decrypting the data.

  

Asymmetric Encryption

• Instead of using single key to encrypt and decrypt data, asymmetric encryption uses a pair of keys, a private key and a public key.

  

  

  

  

How do you look at a certificate and verify if it is legit?

• who signed and issued the certificate.

• If you generate the certificate then you will have it sign it by yourself; that is known as self-signed certificate.

  

How do you generate legitimate certificate? How do you get your certificates singed by someone with authority?

• That’s where Certificate Authority (CA) comes in for you. Some of the popular ones are Symantec, DigiCert, Comodo, GlobalSign etc.

  

  

  

Public Key Infrastructure

Certificates naming convention