0

How does an SSL certificate prove the emitter is who he pretends to be?

If Bob (holding a certificate) and Alice wanted to establish an SSL-secured connection, wouldn't John be able to get the certificate from Bob and send it to Alice, pretending to be Bob?

I understand the private/public key very well, but I don't understand what role it plays in a certificate.

Stephane
Cookiewill
  • The certificate is tied to Bob's name (domain name). That's why browsers issue alerts when the cert doesn't match the target. – schroeder Sep 16 '15 at 21:17
  • Have a look at my answer [here](http://security.stackexchange.com/a/94100/39449) – BadSkillz Sep 17 '15 at 10:00
  • Related [question and answer](http://security.stackexchange.com/questions/87564/how-does-ssl-tls-pki-work) – RoraΖ Sep 17 '15 at 11:11

2 Answers

7

In order to pretend he's Bob, John will not only have to present Bob's certificate, but also prove that he is in possession of the private key corresponding to the public key in said certificate, by encrypting a challenge with it. So copying the certificate alone will not buy John anything.

Tilman Schmidt
2

The certificate is digitally signed by the authority issuing the certificate.

  • Your software should be verifying the digital signature via the issuer's public key.
  • If your software trusts the issuer, the software can then trust the SSL certificate contents.
  • Otherwise your software should be looking at the issuer of the issuer's certificate and validating that signature, and so on, up to an issuer that your software does trust.

So where does the public/private key come in? By signing a certificate with the issuer's private key, anyone that has the issuer's public key can verify its authenticity.

Edward Barnard
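Both answers above played out in code, as an added example that is not part of the question, either answer, or any project: Tilman Schmidt's proof-of-possession step (Alice challenges, only the holder of the private key can answer) and Edward Barnard's signature walk up to a trusted issuer, plus the name check from schroeder's comment. It uses only Go's standard library (crypto/x509, crypto/ecdsa); the CA names, bob.example and "John's CA" are all constructed for this example, and the nonce-signing exchange is a simplification of what TLS actually signs.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must keeps the example short; real code would return the error.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue binds cn to the public half of subject. With parent == nil the result
// is self-signed (a root); otherwise parentKey, the issuer's private key, signs.
func issue(cn string, isCA bool, subject *ecdsa.PrivateKey, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{cn} // the name a browser compares with the URL
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	if parent == nil {
		parent, parentKey = tmpl, subject
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &subject.PublicKey, parentKey))
	return must(x509.ParseCertificate(der))
}

// verifyChain is the "issuer of the issuer" walk from the second answer: the
// leaf's signature is checked with the intermediate's public key, the
// intermediate's with the root's, and the root must already be trusted.
func verifyChain(leaf, intermediate, trustedRoot *x509.Certificate, host string) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(trustedRoot)
	inters.AddCert(intermediate)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, DNSName: host})
	return err
}

// proveKey is the proof-of-possession step from the first answer: Alice sends
// a fresh nonce, the peer signs it with whatever private key it holds, and
// Alice verifies with the public key inside the certificate she was shown.
func proveKey(presented *x509.Certificate, peerKey *ecdsa.PrivateKey) bool {
	nonce := make([]byte, 32)
	must(rand.Read(nonce))
	digest := sha256.Sum256(nonce)
	sig := must(ecdsa.SignASN1(rand.Reader, peerKey, digest[:]))
	return presented.CheckSignature(x509.ECDSAWithSHA256, nonce, sig) == nil
}

// Result is what Alice concludes in each situation from the question.
type Result struct {
	BobChainOK   bool // Bob's certificate chains to Alice's trusted root
	NameMismatch bool // the same certificate offered for another host is rejected
	BobProves    bool // Bob can answer Alice's challenge
	JohnProves   bool // John, holding Bob's certificate but not his key, cannot
	ForgedOK     bool // a bob.example certificate from John's own CA is accepted
}

// Run builds a two-level PKI (all names constructed for this example) and plays out the cases.
func Run() Result {
	newKey := func() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
	rootKey, caKey, bobKey := newKey(), newKey(), newKey()
	root := issue("Example Root CA", true, rootKey, nil, nil)
	ca := issue("Example Issuing CA", true, caKey, root, rootKey)
	bob := issue("bob.example", false, bobKey, ca, caKey)
	// John can copy bob (certificates are public) but has only his own keys and CA.
	johnKey, johnCAKey := newKey(), newKey()
	johnCA := issue("John's CA", true, johnCAKey, nil, nil)
	forged := issue("bob.example", false, johnKey, johnCA, johnCAKey)
	return Result{
		BobChainOK:   verifyChain(bob, ca, root, "bob.example") == nil,
		NameMismatch: verifyChain(bob, ca, root, "john.example") != nil,
		BobProves:    proveKey(bob, bobKey),
		JohnProves:   proveKey(bob, johnKey),
		ForgedOK:     verifyChain(forged, johnCA, root, "bob.example") == nil,
	}
}

func main() {
	fmt.Printf("%+v\n", Run())
}
```

Running it prints BobChainOK, NameMismatch and BobProves as true and JohnProves and ForgedOK as false: John's copy of the certificate fails the challenge because the signature does not verify under the public key embedded in it, and his self-issued certificate for the same name fails because its chain ends at a root Alice does not trust.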