TLS 握手其中关键的一步,就是 Server 端要向 Client 端证明自己的身份。感觉有关 TLS 的内容,介绍握手的原理的有很多,但是介绍证书的并不多,证书是 TLS/SSL 非常关键的一环。本文就尝试说明,证书是用来干什么的,Google 是如何防止别人冒充 Google 的,证书为什么会频繁出问题,等等。| www.kawabangga.com
One of the crucial steps in the TLS handshake is for the server to prove its identity to the client. While there is plenty of content explaining the principles of the handshake, there's less informati| www.pixelstech.net
This page describes all of the current and relevant historical Certification Authorities operated by Let’s Encrypt. Note that a CA is most correctly thought of as a key and a name: any given CA may be represented by multiple certificates which all contain the same Subject and Public Key Information. In such cases, we have provided the details of all certificates which represent the CA. Root CAs Our root key material is kept safely offline.| letsencrypt.org
Update Feb 05, 2024 It’s been two years, and the Android compatibility cross-sign mentioned below is close to expiring. See our recent blog post for a detailed explanation of the changes coming over the course of 2024. Update September 30, 2021 As planned, the DST Root CA X3 cross-sign has expired, and we’re now using our own ISRG Root X1 for trust on almost all devices. For more details about the plan, keep reading!| letsencrypt.org