-1

I don't quite understand what the difference is between TLS and a certificate. TLS secures the transmission by encrypting the data. So normally no man in the middle attack is possible and nobody else can read it.

What is the certificate used for? When does this come into play? What does the certificate do technically? Or is a certificate only there to confirm that the website is really trustworthy and belongs to the person you think it is? I don't quite have an overview here.

user217484
  • 1
  • 2
    Data is encrypted using keys. The certificate contains the server's public key which is used to securely exchange setup data during the TLS handshake. Other keys are then generated to transfer the actual data. As you guessed, the certificate can be used for authentication too. – Irfan434 Sep 11 '19 at 12:23
  • The 'Question' is misleadinginly put down... the quesiont to diffentionte TLS and Certificates is not a duplicate... the part bout how they come into play is. and people should read that axcelent awnser you have linked if they want to know more about that. – LvB Sep 11 '19 at 12:53
  • You've asked the equivalent of "what's the difference between "driving" and a "steering wheel"?" The duplicate walks you through all the components and how they work together. I also suggest you look up the basics of PKI, which will go deeper into how certificates work. – schroeder Sep 11 '19 at 12:57

2 Answers2

0

In order to encrypt the traffic the encryption keys somehow needs to be exchanged. But one has to make sure that only the expected peer knows the keys, i.e. that one is not exchanging keys with some man in the middle attacker instead. This necessary authentication of the peer is done with certificates.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
0

TO make it as simple as I possibly can:

  • TLS (or Transport Layer Security) is a technique and protocol to setup, use and secure Connections between 2 points. (a Sender/Server and a Receiver/Client)
  • a (TLS) Certificate is a document in a specific format (x509 is part of the x500 set) To quote Wikipedia 'X.500 is a series of computer networking standards covering electronic directory services.' or in other words its a way to communicate Who / What / Where you are together with some 'proof' that you are who you claim to be.

Tl;Dr TLS is a protocol, x509 (tls certificate) is a proof of identity (just like a passport is for natural entities / people)

LvB
  • 8,217
  • 1
  • 26
  • 43