Viewing Certificate Path

This section provides a tutorial example on how to view certificate path when visiting an 'https' Web site in IE. The top certificate in a certificate path is the CA certificate, which is trusted automatically.

As we learned from previous chapters, in order to validate a certificate, a certificate path must be established to link the certificate to a CA (Certificate Authority) certificate.

Here is what I did to find the certificate path for https://login.yahoo.com Web site.

1. Run IE and go to https://login.yahoo.com and wait for the log in page to be loaded.

2. Click the lock icon at the end of the Web address field. A small pop up windows shows up.

3. Click the "View certificates" link on the pop up window. The Certificate dialog box shows up.

4. Click the "Certificate Path" tab. A certificate path with 4 certificates shows up:

GTE CyberTrust Global Root
 |- DigiCert High Assurance EV Root CA
     |- DigiCert High Assurance CA-3
         |- login.yahoo.com

5. Double click on "GTE CyberTrust Global Root". Another Certificate dialog box shows up providing information on the GTE CyberTrust certificate, which is also the CA certificate, because it is the top certificate in the certificate path.

This certificate is intended for the following purpose(s):
- Ensures the identify of a remote computer

Issued to: GTE CyberTrust Global Root
Issued by: GTE CyberTrust Global Root
Valid from 8/ 12/ 1998 to 8/ 13/ 2018

It is interesting to see that:

The picture below shows you the certificate path of login.yahoo.com:

Microsoft IE - Certificate Path View
Microsoft IE - Certificate Path View

Table of Contents

 About This Book

 Cryptography Terminology

 Cryptography Basic Concepts

 Introduction to AES (Advanced Encryption Standard)

 Introduction to DES Algorithm

 DES Algorithm - Illustrated with Java Programs

 DES Algorithm Java Implementation

 DES Algorithm - Java Implementation in JDK JCE

 DES Encryption Operation Modes

 DES in Stream Cipher Modes

 PHP Implementation of DES - mcrypt

 Blowfish - 8-Byte Block Cipher

 Secret Key Generation and Management

 Cipher - Secret Key Encryption and Decryption

 Introduction of RSA Algorithm

 RSA Implementation using java.math.BigInteger Class

 Introduction of DSA (Digital Signature Algorithm)

 Java Default Implementation of DSA

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Cipher - Public Key Encryption and Decryption

 MD5 Mesasge Digest Algorithm

 SHA1 Mesasge Digest Algorithm

 OpenSSL Introduction and Installation

 OpenSSL Generating and Managing RSA Keys

 OpenSSL Managing Certificates

 OpenSSL Generating and Signing CSR

 OpenSSL Validating Certificate Path

 "keytool" and "keystore" from JDK

 "OpenSSL" Signing CSR Generated by "keytool"

 Migrating Keys from "keystore" to "OpenSSL" Key Files

 Certificate X.509 Standard and DER/PEM Formats

 Migrating Keys from "OpenSSL" Key Files to "keystore"

Using Certificates in IE

 Visiting a "https" Web Site with IE

 Viewing Certificate Details

Viewing Certificate Path

 Installing Certificate Permanently in IE

 Managing Certificates in Certificate Stores with IE

 Exporting Certificates Out of IE

 OpenSSL Viewing Certificates Exported from IE

 Importing CA Certificate into IE

 Importing Certificate Path into IE

 Using Certificates in Google Chrome

 Using Certificates in Firefox

 Archived Tutorials

 References

 Full Version in PDF/EPUB