Hot Downloads



The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Certificate Authority....

Certificate Authority.... 14 years 8 months ago #3801


Can any one tell me about Certificate Authority .

1. Whats is Certificate Authority.
2. how it works.
3. why do we need it.
4. Public Keys & Private Keys.
5. What is "Enterprise CA, Standalone CA"

please explain me in easy words :) try to avoid referring me weblinks. :roll:

ill be gr8 full :D

Re: Certificate Authority.... 14 years 8 months ago #3806

Certificates allow you to 'sign' communications so that you can ensure that they are coming from a trusted source.. whenever you visit a secure website, they haev a certificate -- signed by one of the big certificate companies like thawte or verisign, who have checked that these people are who they say they are, and thus if you trust thawte / verisign, you can trust these people...

Then you can view the certificate and decide that yes, these people are who they say they are.. and you can carry out some transaction with them.

You need it to ensure that the person you are communicating with are who they claim to be.. the only way you can do this is to get a third party who you trust to validate them as genuine..

Public key / private keys belong to what is known as asymmetric encryption. In normal symmetric encryption, you encrypt data with one passphrase (or key), and decrypt it with the same.

In public / private encryption (also known as PKI) You generate TWO keys.. the private key you never ever give out.. the public key can be freely given out. These two keys are mathematically derived from each other in such a way that you can't get the private key knowing the public key. Heres an example of how they work :

You want to email me something confidential.. you encrypt the message to my public key (which is freely available).. when I get the message.. I decrypt it with my PRIVATE key.. which nobody else has, and is hte only key that can decrypt it.

Another way this works is to 'sign' a message.. I want to post a message, and you want to check that it is really from me...
I encrypt it with my PRIVATE key.. and then when you want to check it.. you can decrypt it with my public key.. if it decrypts properly.. the message was from me.. no other key other than my public key will decrypt it.
read here :

In Windows 2000+, a standalone CA is a certificate authority server (distributes and manages certificates), without integrating with active directory... the enterprise CA is closely tied in with active directory and publishes certificates etc through there.
read here :

Hope that helps
Sahir Hidayatullah. Staff - Associate Editor & Security Advisor
  • Page:
  • 1
Time to create page: 0.151 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup