Next, your PC compares the DNS name used to start the connection with the names returned in the server certificate. Therefore, when each certificate in the chain has a valid signature, and a copy of the root certificate is installed on your PC, then the server identity is trusted as accurate.
The presence of the root certificate means that your PC believes that the root certificate will never issue a fraudulent identity certificate. This is implemented by installing the root certificate on your PC. But to trust the certificate as a valid assertion of identity, we have to trust the root certificate. As long as the digital signature can be validated, we know that the certificate is unaltered from when it was created. That certificate is signed by an intermediate certificate, which is signed by a root certificate. On connection, a server returns a certificate asserting its identity. The answer starts with an explanation of how certificates work.
This is not unexpected, but is easily fixed.
0 kommentar(er)
