Understanding the power of certificates
Certificates are a critical component of the internet today, so in this tutorial we’ll cover what certificates are, why they are so critical, how they can be used and how to make your own Certificate Authority (CA) to create them. We’ll be using a fully updated Ubuntu 20.04 LTS server to create a certificate server for your local network as well as a root certificate for distribution with Firefox. We’ll also cover creating and installing an SSL certificate for an example webserver (again, Ubuntu 20.04 LTS server). Both of these hosts should have static IP addresses. If you want to play along you should be able to ping both servers using their FQDN (Fully Qualified Domain Name).
A dead cert
So what is a certificate? A certificate is essentially verifiable proof that an item is what it purports to be. For example, a passport is proof of identity. We put faith in it because we trust that the Certificate Authority (the Passport Office) has vetted and verified the holder’s identity, and believe they are who they say they are and that the document (passport) is real.
The same principle applies to verifying identity on the internet. The difference is that the certificate is digital in nature and the certificates are digitally signed by the issuing authority using public key encryption. This means,
You’re reading a preview, subscribe to read more.
Start your free 30 days