Is HTTPS really that difficult? Do I need to know crypto theory and a lot of math to understand it? You don't! This video explains how HTTPS works in very simple terms. It will touch upon encryption and digital signatures, as well as explaining what a trusted Certificate Authority is and what a self-signed certificate is. We will build upon this knowledge in upcoming videos, when we plan to issue a self-signed certificate to secure a microservice app in a testing environment. You no longer have an excuse to say HTTPS is too complex. Because this video simplifies all the concepts in less than 12 minutes.
Views: 3446 kubucation
Demonstration of using OpenSSL to create RSA public/private key pair, sign and encrypt messages using those keys and then decrypt and verify the received messages. Commands used: openssl. Created by Steven Gordon on 7 March 2012 at Sirindhorn International Institute of Technology, Thammasat University, Thailand.
Views: 64158 Steven Gordon
What is self-signed certificates? Can you make them free? Are self-signed certificates less secure than those signed by commercial CAs. What is the difference between commercial certificates and self-signed certificates. What situation suits self-signed certificates or commercial certificates? You will find all these answers in this video. Playlist: Advanced Cryptography - https://www.youtube.com/watch?v=TmA2QWSLSPg&list=PLSNNzog5eydtwsdT__t5WtRgvpfMzpTc7 Playlist: Basic Cryptography https://www.youtube.com/watch?v=vk3py9M2IfE&list=PLSNNzog5eyduN6o4e6AKFHekbH5-37BdV Please subscribe to my channel! Please leave comments or questions! Many thanks, Sunny Classroom
Views: 7503 Sunny Classroom
Not a subscriber? Start your free week. http://cbt.gg/2xPYF7A Watch the entire Cisco CCNA Cyber Ops 210-250 (SECFND) course: https://cbt.gg/2MzOfkf In this Nugget, CBT Nuggets security expert Keith Barker discusses and demonstrates that X.509v3 digital certificates may be used to distribute public keys over a network. In this course, Keith covers foundational principles of cybersecurity. Learn host-based analysis, attack methods, security monitoring, and more, as you prepare for the 210-250 SECFND exam, the first of two exams that must be passed to receive your CCNA Cyber Ops certification.
Views: 3985 CBT Nuggets
In a previous video, Kevin shows how to create a simple self signed X.509 Certificate using OpenSSL. In this video you will learn how to use the private key to stamp an XML document with a digital signature using C#! #WiBisode #DigitalSignature #X509 #WiBitNet
Views: 29952 WiBit.Net
A quick and dirty explanation of SSL from the point of view of the SSL handshake and a quick look at Self-Signed Certificates and what they are for. For a more basic overview of SSL check this very nice video: http://youtu.be/SJJmoDZ3il8 If you want to know more about public key cryptography see http://en.wikipedia.org/wiki/Public-key_cryptography In the video here http://youtu.be/LHUbQtUeQ0o I show how to create a self-signed SSL certificate. Here http://youtu.be/yjZOyANmKWU is part 1 of how to install an SSL certificate in the Apache webserver. Ask for more videos on technical questions to [email protected] For more information about BrightMinded, head over to http://www.brightminded.com.
Views: 106357 BrightMindedLtd
How To Encrypt And Decrypt Files Using Private Public Keys With OpenSSL On Ubuntu Linux. This video tutorial will show you how to use the openssl command line to encrypt and decrypt a file using a public key. We will first generate a private key then extract the public key from this private key. last we will encrypt a file using the public key and later use the corresponding private key to decrypt it. 🌸 Support channel & make donation : https://www.paypal.me/aminenina/5 🌸 Subscribe for more videos : Youtube: https://www.youtube.com/user/aminosninatos 🌸 Follow me On Social Media Facebook : https://www.facebook.com/aminosninatos/ *********************************************************************** 🌸 How To Convert Public Private Putty's ppk Keys To OpenSSH Keys On Ubuntu Linux https://youtu.be/3aApOFQL44o 🌸 How To Use GPG Private Public Keys To Encrypt And Encrypt Files On Ubuntu Linux https://youtu.be/I-4dcpTDWys 🌸 How To Encrypt And Decrypt Files Using Private Public Keys With OpenSSL On Ubuntu Linux https://youtu.be/g9XN1-bANKU 🌸 How To Encrypt And Decrypt Files Using OpenSSL On Ubuntu Linux https://youtu.be/YU1AI62khIY 🌸 How To Use MD5SUM To Verify Data Integrity On Ubuntu Linux https://youtu.be/V1fgjXRFB2k 🌸 How To Generate Random Password From The Command Line On Ubuntu Linux https://youtu.be/TQ4QMJWVd8U 🌸 Linux How To Crack And Recover A Password Protected Zip File https://youtu.be/C9a6BPxUN_4 🌸 Password cracking with John the Ripper on Linux https://youtu.be/KK2bNgX1mRA 🌸 Linux : HowTo Encrypt And Decrypt Files With A Password using GPG https://youtu.be/a91v1bz_ZU4 🌸 How To Secure Copy Files In Linux Using SCP Command https://youtu.be/3Y8pVDhc3RQ 🌸 How To Sync And Backup Files In Linux Using Rsync Command https://youtu.be/aIMbg7vG6Rg ***********************************************************************
Views: 2064 Liv4IT
https://nwl.cl/2y56Mho - OpenSSL is a free, open-source library that you can use to create digital certificates. We can use this to build our own CA (Certificate Authority).
Views: 17006 Networklessons.com
http://www.steves-internet-guide.com/ssl-certificates-explained/ - This tutorial is a beginners guide to SSL,TLS and data encryption and signatures. You will learn about public and private keys and how they work with certificates. If you are looking to purchase a certificate for a website or for use with IOT then you will understand the different certificate types that are available. Other videos Configuring The Mosquitto broker to use SSL https://youtu.be/f3f4h7q6x5g
Views: 18830 Steve Cope
What is https? How does https work? What is https certificate? What type of attacks does SSL protect? What https/SSL does not protect you from? How to install SSL? Verify the successful installation of SSL? SSL Blog : https://www.learncodeonline.in/blog/what-is-ssl-and-how-to-install-ssl/ pdf is also available at this link. Link to check SSL installation: https://www.sslshopper.com/ssl-checker.html fb: https://www.facebook.com/HiteshChoudharyPage homepage: http://www.hiteshChoudhary.com
Views: 119577 Hitesh Choudhary
Elliptic Curve Cryptography is an attractive, efficient and effective alternative to RSA cryptography, offering exponentially stronger SSL security with much shorter, more efficient keys. Symantec is a leader in ECC technology, with greater root ubiquity and service than our competitors.
Views: 258 The SSL Store™
In this WiBisode Kevin will show how you can create signing certs for creating digital signatures! This is most often used to "lock" documents in a particular state, and then verified by the consuming application. The point of digital signatures is to create an application "trust" between two entities. When the consumer receives the document, it can validate the signature against the public key and feel confident that the document was "signed" by a trusted private key. #WiBisode #SelfSignedCertificate #SelfSigned #Certificate #OpenSSL #WiBitNet
Views: 85040 WiBit.Net
Angela from the API support team walks through how to generate a public private key pair using OpenSSL and register a private application.
Views: 22687 Xero Developer
The first in the series of videos which will hopefully explain the key concepts around Https and SSL encryption, hashing (Sha 1, Sha 256 etc) certificates etc. I am then planning to extend the series into other interesting related subjects like blockchain and Bitcoin. If you have any questions or requests please feel to ask in the comments section.
Views: 33397 Matt Thomas
Brief on Symmetric and Asymmetric Keys Digital Certificates - X.509 and GPG Commands to generate asymmetric keys and digital certificate. X.509 commands: Key Pair Creation: openssl req -new -x509 -newkey rsa:2048 -keyout Private.key -out Public.crt -days 365 -nodes -sha256 Dump Private key contents: openssl rsa -in Private.key -noout –text Dump public key contents: openssl x509 -in Public.crt -noout -text GPG Commands: Key pair creation: gpg --gen-key List gpg keys: gpg --list-keys Dump key contents: gpg -a --export key-name | gpg --list-packets --debug 0x02 Reach me at Linkedin for comments/suggestions: www.linkedin.com/in/sameer-pasha-7aba6393
Views: 1920 Sameer Pasha
The cheapest place to buy SSL certificates that I'm aware of: https://www.gogetssl.com/ Cloudflare introduces universal SSL https://blog.cloudflare.com/introducing-universal-ssl/ Two good blog posts on how the TLS handshake works: http://blog.hartleybrody.com/https-certificates/ http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html Video explaining the math behind public encryption https://www.youtube.com/watch?v=3QnD2c4Xovk self-signed certificate example: https://selfsigned.jelled.com/ Google's announcement that they would begin discrediting sites that use SHA-1 certificates: http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html Google's announcement that they will begin giving a ranking boost to sites serving content over HTTPS. http://googlewebmastercentral.blogspot.com/2014/08/https-as-ranking-signal.html Comcast has been caught injecting ads into websites. They can't do this if the site is served over HTTPS. https://www.techdirt.com/articles/20140908/07191228453/comcast-using-packet-injection-to-push-its-own-ads-via-wifi-apparently-oblivious-to-security-concerns.shtml
Views: 181667 WebConcepts
We look at creating self signed certificates and get them working with your docker image. We talk about different encryption and authentication algorithms and other configuration options. Git repository: https://github.com/kalaspuffar/apache-https Please follow me on twitter http://twitter.com/kalaspuffar Outro music: Danomate - http://danomate.com - https://www.youtube.com/user/danomate1
Views: 1006 Daniel Persson
How to generate Self-Signed Certificates in OpenSSL AND How to generate an SSL Certificate signed by a CA (Certificate Authority) Enjoy! Like the video? Hit the "Like" button and subscribe =) Let me know what you think by leaving a COMMENT below! ***Tutorial on how to set-up a Certificate Authority will be uploaded by the end of the week*** ===================================================== Email: [email protected] =====================================================
Views: 60018 Sandbox Tutorials
This little video will show you how to encrypt your Synology using an SSL Certificate. You don't have a certificate you say? Here how you can get one for free: https://www.youtube.com/watch?v=9kw_tr3WGbg Like my wallpaper? Credits to Justin Maller, get one yourself at http://www.facets.la/ If you liked this video, Subscribe for more tutorials for you Synology NAS! Have suggestions for videos? hit me up on twitter.com/andreasdybdahl https://www.facebook.com/andreasdybdahlofficial
Views: 15819 Andreas Dybdahl
Certificates are used to prove identity and used for creating secure communication. Check out http://itfreetraining.com for more of our always free training videos. This video looks at how a certificate works, what is a certificate and how they are used for identification and secure communication. Download the PDF handout http://itfreetraining.com/Handouts/Certificates/WhatAreCertificates.pdf What is a certificate? A certificate is an electronic document that contains data fields. When compared to a traditional paper certificate there are some similarities between an electronic certificate and a physical certificate. Digital certificates like a physical certificate are issued by an authority. For example, a university may issue a certificate to a student to show that they have completed the necessary work in order to graduate. The next question is, would you trust a physically certificate? Digital certificates work the same way. They are issued from an authority and the question becomes would you trust the authority that issued the certificate? Electronic certificates also contain other fields like who or what the certificate was issued to, how long it is valid, the public key and the digital signature. If a digital certificate is presented to a user or computer, the user or computer is able to check the certificate to ensure the person using it should be using it. Also the certificate contains a digital signature which allows the certificate to be checked to make sure it has not been modified. Digital Signature A digital signature provides a method for a certificate to be checked to ensure it has not been modified. In order to do this, a hash value is created for the certificate. To generate a hash value the certificate is put through a function to create a single value. Hash functions are designed so different certificates will not produce the same value, however the hash value cannot be used to generate the original certificate. The same principal applies to a person's fingerprints. They can be used to identify a person, however using a finger print you could not work out the features of a person like what color hair they have. When a certificate is created, the hash value for that certificate is also created. Using a function involving the private key, a digital signature is created and added to the certificate. Digital Signature Example When a certificate is used, in order to check the certificate has not been changed, the following is done: The computer generates the hash value for the certificate. Next, the digital signature is put through a function using the public key which should result in the same hash value. If both values match, the certificate has not been modified. This prevents a 3rd party taking a certificate, changing the values in the certificate and using the certificate. Trust Model Certificates work off a trust model. An example of a trust model in computers is that a computer may have a sticker on it indicating which operating systems it will run. The consumer, seeing this sticker, must trust that the manufacture would not put this sticker on the laptop unless it will run that operating system. The customer must also trust the creator of that operating system would not allow a computer manufacturer to put a sticker on a computer that would not run that operating system. Certificate Trust Model Certificates are generally deployed in a hierarchy. At the top is the root certificate authority. This can be an internal Certificate Authority or an external authority like VeriSign. When an authority like VeriSign issues a certificate, they will perform a number of checks on the individual purchasing the certificate to ensure that they are a valid business. When a certificate is used it can be checked to see which authority issued that certificate. In order for the certificate to be used, the computer must trust the authority that it was issued from. Authorities like VeriSign are trusted by default on most operating systems. Certificate Error If a certificate is presented to the computer and it is not trusted, the computer will generate an error asking if the users want to trust the certificate. It is up to the user to decide if they believe the certificate is valid. Certificate Hierarchy Certificates use a hierarchy. At the top is the root CA, below these are subordinate CA's. Any level can issue certificates to subordinate CA's or direct to users, computers or devices. If the user, computer or device trusts the root CA, then any certificate that is issued by any CA in the hierarchy will automatically be trusted and thus used by the client. References "MCTS 70-640 Configuring Windows Server 2008 Active Directory Second edition" pg 771-775 "Public key certificate" http://en.wikipedia.org/wiki/Public_key_certificate
Views: 501666 itfreetraining
Video By : Rajneesh Verma (EnCryptor)
Views: 39951 Rajneesh verma
This tutorial shows how to leverage enterprise Public Key Infrastructure (PKI) to generate SSL decryption certificates. Using a Palo Alto Networks 8.0+ firewall the procedure to generate a Certificate Signing Request (CSR) and have an Active Directory Certificate Authority (CA) issue a Sub-CA certificate for trusted SSL decryption is shown.
Views: 8050 Palo Alto Networks Live Community
Showing how to make a certificate (with root CA and intermediate CA properly chained) with OpenSSL. The certificate can be used for code signing. Use my online page to generate your cert: https://toolbokz.com/gencert.psp http://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/
Views: 85498 dist67
I apologize for my monotone boring voice :-) I'm doing this to share knowledge with others. If anyone else is helped by this, it's all worth it :-) Demonstration of creating/installing a valid certificate from "Lets Encrypt" for a website running on a windows server. Links used for the resources follows: Nick Janetakis' highly recommended "Lets Encrypt" course: https://httpswithletsencrypt.com/ My review of it: https://tbsoftware.wordpress.com/2018/03/10/lets-encrypt-a-very-easy-and-fun-way-to-learn-it/ The ACME client used in the video: https://github.com/PKISharp/win-acme "Lets Encrypt" website: https://letsencrypt.org/ A resource that helped in this video in addition to the awesome "Lets encrypt" course by Nick Janetakis: https://www.youtube.com/watch?v=Z3jd8NOOY2o If you're interested in the aws aspect of this video, see a demo of how to build the EC2 instance you see in this video by the cloudformation script(s) here: https://tbsoftware.wordpress.com/2018/03/11/deploy-net-core-2-0-app-to-aws-using-cloudformation-codepipeline-codedeploy/ In the video a few notifications pop up towards the end of the video. I mentioned they were annoying. I wanted to clarify that the popup events in the middle of my recording the video were annoying. I was not annoyed at all by the actual content of the popups or the folks that the popups were about 🙂 I just wanted to mention that. Thanks for watching.
Views: 6717 T Kousek
OpenSSL is a general purpose cryptography library that provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. cd /etc/ssl/private openssl genrsa -aes128 -out server.key 2048 openssl rsa -in server.key -out server.key openssl req -new -days 3650 -key server.key -out server.csr openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 chmod 400 server.*
Views: 718 Quick Notepad Tutorial
Digital Certificate Introduction, PKI, Certificate Authority Lecture in Hindi Keywords: Digital Certificate PKI Certificate Authority
Views: 47627 Easy Engineering Classes
In private key encryption, data is encrypted using a single same key that only the sender and the receiver know. That is why private key encryption is also called symmetric key encryption because the same key is used during both encryption and decryption of the transmitted data. In this video, I will also use an example to demonstrate the process of using private key encryption. Two different methods -stream encryption and block encryption- of private key algorithm are also depicted with animation. Playlist: Basic Cryptography https://www.youtube.com/watch?v=vk3py9M2IfE&list=PLSNNzog5eyduN6o4e6AKFHekbH5-37BdV Advanced Cryptography: https://www.youtube.com/watch?v=TmA2QWSLSPg&list=PLSNNzog5eydtwsdT__t5WtRgvpfMzpTc7 Please leave comments, questions and please subscribe!
Views: 24463 Sunny Classroom
Time to delve into the chain of trust and the contents of SSL certificates. Take a look at the actual chain of trusted certificates used by HSBC and understand step by step what all the key fields mean and how the chain of trust is established.
Views: 21473 Matt Thomas
Please subscribe my channel: https://www.youtube.com/channel/UCry2uNX0352LFVmpEORHPiA How to Create self signed ssl certificate? First you need to install httpd & mod_ssl package if you using Rehat OS, for other install open ssl package Command: yum install httpd mod_ssl -y systemctl start httpd systemctl enable httpd then you need to open firewall for http & https 1. Generate a private key with 2048 bit encryption as follows. openssl genrsa -out server01.key 2048 2. Then generate the certificate signing request (CSR) by using the following command openssl req -new -key server01.key -out server01.csr 3. Generate a self-signed certificate of X509 type which remains active for 365 days. openssl x509 -req -days 365 -in server01.csr -signkey server01.key –out server01.crt 4. After generating the certificates, copy the files to the necessary directory. cp server01.crt /etc/pki/tls/certs cp server01.key /etc/pki/tls/private/ cp server01.csr /etc/pki/tls/private
Views: 169 Linux with Anirban
Step by step guide on how to Export and Import the O.S Self Signed Certificate (File Encryption Key)
Views: 4421 Peyman Tech Media
This is an 8 minute video on one of the ways to create a self signed certificate in Ubuntu. We basically go over this command sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt in the video. What is all means, how it works, and where to find it afterwards
Views: 9855 Dan Morrill
This short video shows how to create a self-signed certificate using the openssl command tools. For more information on openssl see http://openssl.org. Summary: - create a Certificate Signing Request (CSR) with the command: openssl req -new -newkey rsa:2048 -nodes -keyout localhost.key -out localhost.csr - self-sign the Certificate with the command: openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt Ask for more videos on technical question to [email protected]
Views: 34517 BrightMindedLtd
How to use mimikatz and its crypto module to export non exportable certificates & RSA keys. Support CryptoAPI and CNG (CNG patch requires admin rights, not for the export) Downloads : http://blog.gentilkiwi.com/mimikatz
Views: 16883 Benjamin Delpy
How to Generate RSA,DSA keys using OpenSSL
Views: 8399 Zariga Tongy
This is a video guide on how to generate a root CA, intermediate CA and certificate signed by those, under Linux. ## FOR BETTER QUALITY!!! Increase the to HD using the gear HD. I will have a mirror and torrent available soon. https://www.lazytree.us/doku.php?id=blog:new_video ^ Blog entry about the video, or the direct content below https://www.lazytree.us/doku.php?id=public:linux:common#openssl I plan on restructuring the blog so please don't rely on the direct link ===== Task: ===== Generate a certificate chain with a private Certificate Authority. ===== Condition: ===== Given one Linux machine with root access (for trust), with openssl, potentially apache/nginx ===== Standard: ===== Have the certificate be trusted by the machine. ==== Steps: ==== 1. Generate Root key 2. Generate Root certificate 3. Generate Intermediate Certificate Authority key 4. Create Intermediate Certificate Signing Request (CSR) 5. Generate Intermediate Certificate signed by Root CA 6. Add certificates to Operating system's trust (Debian/deb-ish) 7. Generate RSA server key 8. Create server certificate signing request, to be signed by intermediate 9. Sign CSR, by intermediate CA 10. Verify everything 11. Webserver 12. verify again! ==== commands ==== openssl genrsa -out RootCA.key 4096 openssl req -new -x509 -days 1826 -key RootCA.key -out RootCA.crt echo 'Root Certificate done, now intermediate begins' openssl genrsa -out IntermediateCA.key 4096 openssl req -new -key IntermediateCA.key -out IntermediateCA.csr openssl x509 -req -days 1000 -in IntermediateCA.csr -CA RootCA.crt -CAkey RootCA.key -CAcreateserial -out IntermediateCA.crt echo 'intermediate done, now on to importing cert into the OS trust' cp *.crt /usr/local/share/ca-certificates/ update-ca-certificates echo 'now for the server specific material' openssl genrsa -out server.key 2048 OPENSSL_CONF=~/openssl.conf openssl req -new -key server.key -out server.csr openssl x509 -req -in server.csr -CA IntermediateCA.crt -CAkey IntermediateCA.key -set_serial 01 -out server.crt -days 500 -sha1 echo 'verification of sort here' openssl x509 -in server.crt -noout -text |grep 'host.localism' #optional, not going over. #echo 'for the sake of windows clients, we created a pkcs file, but lets create usable PEMs' #openssl pkcs12 -export -out IntermediateCA.pkcs -inkey ia.key -in IntermediateCA.crt -chain -CAfile ca.crt #openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys #openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes openssl s_client -connect 192.168.0.17:443 contents OPENSSL.conf [req] prompt = no default_md = sha1 #for video use only, sha256 onwards req_extensions = req_ext distinguished_name = dn [ dn ] C=US ST=North Carolina O=LazyTree localityName=Redacted OU=HomeLab [email protected] CN=www.lazytree.us
Views: 9744 Kevin Faulkner
Openssl(version0.9.7h and later) supports sha256, but by default it uses sha1 algorithm for signing. In this tutorial we shall see how to generate a digital x509 certificate with sha256 digest algorithm. By the by did i tell you that sha1 is already broken! Check out the complete How-to article : http://techglimpse.com/sha256-hash-certificate-openssl/
Views: 12920 Gaargi S
Extract public key for verification: http://stackoverflow.com/questions/10271197/openssl-how-to-extract-public-key Verify sign : https://raymii.org/s/tutorials/Sign_and_verify_text_files_to_public_keys_via_the_OpenSSL_Command_Line.html Encrpytion : http://askubuntu.com/questions/60712/how-do-i-quickly-encrypt-a-file-with-aes Measure time ; http://askubuntu.com/questions/53444/how-can-i-measure-the-execution-time-of-a-terminal-process Cpp files : (openssl sample code) http://www.cis.syr.edu/~wedu/seed/Labs_12.04/Crypto/Crypto_PublicKey/
Views: 3293 Jae duk Seo