Cryptography Tutorials - Herong's Tutorial Examples - Version 5.34, by Dr. Herong Yang
Viewing Certificate Details
This section provides a tutorial example on how to view certificate details when visiting an 'https' Web site in Chrome 24.
When you visit a "https" Web server, it will send its certificate to your browser. Server's certificate is needed by the browser for these 2 tasks:
- Your browser must validate the certificate to determine that the Web site can be trusted or not before doing any further communications.
- Your browser must use the public key in the certificate to help secure the communication messages sent and received.
Normally, your browser will do these 2 tasks automatically without your interaction. You don't need to know where is the server certificate and what's in the certificate.
But since I am interested to learn more about "https" communication, I want to see the server certificate. Here is what did on Chrome 24 to see details of the server certificate.
1. Run Chrome 24 and go to https://login.yahoo.com and wait for the log in page to be loaded.
2. Click the lock icon at the end of the Web address field. A small pop up windows shows up.
3. Click the "Connection" tab and then the "Certificate information" link on the pop up window. The Certificate dialog box shows up. The General tab tells me this information:
This certificate is intended for the following purpose(s): - Proves your identity to a remote computer - Ensures the identify of a remote computer Issued to: login.yahoo.com Issued by: DigiCert High Assurance CA-3 Valid from 3/ 9/ 2012 to 3/ 14/ 2014
4. If you click the Details tab, you will details of this certificate:
Version V3
Serial number 0c 07 04 ...
Signature algorithm sha1RSA
Signature has algorithm sha1
Issuer DigiCert High Assurance CA-3
Valid from Friday, March 09, 2012 07:00:00 PM
Valid to Friday, March 14, 2014 07:00:00 PM
Subject login.yahoo.com, Yahoo! Inc.
Public key RSA (2048 Bits)
Authority Key Identifier KeyID=50 ea 73 ...
Subject Key Identifier 2a aa f2 ...
Enhanced Key Usage Server Authentication (1.3.6.1.5.5.7.3.1)
Client Authentication (1.3.6.1.5.5.7.3.2)
Key Usage Digital Signature, Key Encipherment (a0)
Thumbprint algorithm sha1
Thumbprint 68 22 14 ...
Cool. Now I see details of a real certificate for commercial uses.
The picture below shows you steps to reach certificate details:
Notice that the "Certificate" dialog box used in Chrome is identical to "Certificate" dialog gox used in IE (Internet Explorer) 9. See IE 9 tutorials for information provided on the "Certificate Path" tab.
Last update: 2013.
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
Java Default Implementation of DSA
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"
Using Certificates in IE (Internet Explorer)
►Using Certificates in Google Chrome
Visiting a "https" Web Site with Chrome
Installing Certificate Permanently in Chrome - Not Supported