PKI Application in Web Login Through HTTPS

On the network shown in Figure 1, the administrator logs in to the web page of the HTTPS server and manages network devices through the web interface. To improve the security of SSL connections, the CA trusted by the web browser is configured for the HTTPS client to issue local certificates. The web browser can then verify local certificates, which protects against malicious attacks and ensures secure login.

Figure 1 PKI application in web login through HTTPS

The HTTPS client and server interact as follows during SSL connection setup:

  1. The HTTPS server applies for a local certificate from the PKI authentication center.
  2. The PKI authentication center issues a local certificate to the HTTPS server.
  3. The HTTPS server sends a digital certificate carrying its public key to the HTTPS client.
  4. The HTTPS client verifies the local certificate and uses the public key in the certificate to encrypt the private key it randomly generates, and sends the encrypted key to the HTTPS server.
  5. The HTTPS client and server negotiate the final key and encryption suite, which will be used to encrypt communication data.
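
The steps above, worked through with the OpenSSL command line as an added example (not part of the original page or of the device's own configuration). The CA name, host name and file names are constructed, and the RSA-OAEP encryption in `key_exchange` only illustrates the idea in step 4, not the actual SSL message format.

```bash
#!/usr/bin/env bash
# Added example. The CA name, host name and file names are constructed.

# Steps 1-2: the server applies for a local certificate and the CA issues it.
setup_pki() {  # $1 = working directory
  ( cd "$1" || exit 1
    # Trust anchor: CA key and self-signed CA certificate
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
      -subj "/CN=Example Trusted CA" -keyout ca.key -out ca.crt || exit 1
    # Step 1: server key pair and certificate request
    openssl req -new -newkey rsa:2048 -nodes \
      -subj "/CN=https-server.example" -keyout server.key -out server.csr || exit 1
    # Step 2: the CA signs the request
    openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key \
      -CAcreateserial -days 30 -out server.crt || exit 1
    # Negative case: same subject name, self-signed, no trusted issuer
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
      -subj "/CN=https-server.example" -keyout rogue.key -out rogue.crt || exit 1
  ) >/dev/null 2>&1
}

# Steps 3-4: the client checks the presented certificate against its trusted CA.
client_verify() {  # $1 = directory, $2 = certificate presented by the server
  openssl verify -CAfile "$1/ca.crt" "$1/$2" >/dev/null 2>&1
}

# Step 4: only after verification succeeds, encrypt a random secret to the
# certificate's public key; the holder of the private key ($3) recovers it.
key_exchange() {  # returns 0 = secret shared, 2 = certificate rejected
  client_verify "$1" "$2" || return 2
  ( cd "$1" || exit 1
    openssl x509 -in "$2" -pubkey -noout > pub.pem || exit 1
    openssl rand -out secret.bin 48 || exit 1
    openssl pkeyutl -encrypt -pubin -inkey pub.pem \
      -pkeyopt rsa_padding_mode:oaep -in secret.bin -out secret.enc || exit 1
    openssl pkeyutl -decrypt -inkey "$3" \
      -pkeyopt rsa_padding_mode:oaep -in secret.enc -out secret.dec || exit 1
    cmp -s secret.bin secret.dec
  ) >/dev/null 2>&1
}

demo_dir=$(mktemp -d)
setup_pki "$demo_dir"
for c in server rogue; do
  key_exchange "$demo_dir" "$c.crt" "$c.key"
  echo "$c.crt: key_exchange exit status $?"
done
rm -rf "$demo_dir"
```

The self-signed certificate carries the same subject name as the issued one, so the only thing that stops the client from sending its secret to the wrong key holder is the check against the trusted CA.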
Copyright © Huawei Technologies Co., Ltd.