What is the role of leaf certificate's private key if this certificate is signed by the intermediate certificate's private key and the certificate signature will only be validated using its public key.
Asked
Active
Viewed 825 times
0
-
I think you have a misunderstanding of how TLS works and how server authentication (specifically prove of certificate ownership) is done - therefore marked as duplicate of question which explain this. In short: The private key is used to prove ownership of the certificate by the server. It does not matter if an intermediate certificate is involved or not. – Steffen Ullrich Mar 24 '20 at 04:55
1 Answers
1
See The First Few Milliseconds of an HTTPS Connection, by Jeff Moser. Scroll down to the section, 'Trading Secrets'. This section describes how the client encrypts the pre-master secret using the server's public key (i.e. the public key contained in the server's leaf certificate), and sends the encrypted public key to the server. The server then has to decrypt this message. This is done using the server's private key corresponding to the public key in the server's leaf certificate.
mti2935
- 19,868
- 2
- 45
- 64
-
3Although beautifully artistic that reference is now obsolete, at least for the public net/web. After Snowden -- roughly 2015 to 2018 -- most websites finally moved to DHE or ECDHE ciphersuites (which had been available well over a decade) which do not use RSA encryption (but _may_ use RSA _signature_), and today in 2020 a good quarter have moved to TLS1.3 which _requires_ [EC]DHE and no longer supports plain-RSA keyexchange at all. – dave_thompson_085 Mar 24 '20 at 04:00
-
@dave_thompson_085, Thanks for your comment. I agree that this reference is outdated, but I thought it was useful in at least as much as explaining the role of the leaf certificate in TLS. Here's a more current reference, that uses TLS1.2 with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. – mti2935 Mar 24 '20 at 10:59