Web browsing is one of the actions that has grown rapidly at the present time due to the rise of websites that offer their services to millions of users in all types of environments or environments, whether professional, educational or personal. In all this means of navigation , in some opportunities it will be necessary to provide sensitive personal or corporate information which can be managed incorrectly and to prevent this there are digital certificates..
What is a digital certificate
The digital certificates have the SSL protocol which allows to create an encrypted connection generating security and trust for all the operations that are carried out through the network, so that the SSL certificates have been developed to be a reliable line since they establish a Secure connection to the site visited or the site that we are seen. For this, the different web browsers will offer special visual signals that show that the connection is secure, be it a green padlock to a URL bar with a security mark, this gives more confidence when navigating in said site.
SSL certificates are composed of a pair of keys which are a public and a private key. The objective is that both keys work together to establish the encrypted connection, likewise, in the certificate the subject is integrated, which is nothing more than the identity of the certificate holder or the website.
To obtain an SSL digital certificate, it will be necessary to create the certificate signing request (CSR) on the server. When this process is done, a private and a public key will be created on the server, after that, the CSR data file that is sent to the SS certificate issuer, which is called the certification authority or CA, will contain the public key so that the entity can use the CSR data file in order to create a data structure that in turn matches the private key. When we receive the SSL certificate, we proceed to install it on the server that is the objective of TechnoWikis today, explain how to perform this process in Google Chrome for macOS ..
The most important part of a digital SSL certificate is that it is digitally signed by a trusted CA because web browsers only rely on certificates that come from an organization added to its trusted CA list, otherwise it can be rejected and this It is extremely vital since browsers have a pre-installed list of trusted CAs, which is also known as the trusted root CA store. So, for an SSL certificate to be added to the Trusted Root CA store, a company must comply with and be audited based on the security and authentication standards established by browsers.
If we want to see the authorized CA companies in Google Chrome, we can go to the Chrome line: // settings and in the section Privacy and security select the line Manage certificates and in the window displayed we will see the various organizations that issue this type of certificates:
features
Some of the features of using digital certificates are:
- Keep secure data between servers
- Improve customer confidence
Remember that SSL (Secure Sockets Layer), is a standard security technology which allows defining an encrypted link between a server and a client. It is usually between a web server and a browser thus increasing the security of the transfer of information since SSL makes confidential information such as credit card numbers, social security numbers or credentials Log on to various platforms, are transmitted securely without being vulnerable to attacks..
The use of SSL digital certificate is not simply to acquire it and already, this is a process that really has an impact of privacy, confidence and security in the daily tasks in Google Chrome, this is because when a browser tries to access a website that is protected by the SSL protocol, the browser and the web server will establish an SSL connection through a process called "SSL link protocol" which is invisible to the user and runs in real time, there will come into play three keys To configure the SSL connection, these are:
With this, all the information that is encrypted with the public key can only be decrypted with the private key, and vice versa.
Digital certified operation
The essential functioning of the digital certificate is as follows:
- The browser will connect to a web server protected with SSL (https). The browser requests that the server identify itself as such.
- Then, the server sends a copy of its SSL certificate, where the public key of the server is included.
- After this, the web browser will be responsible for validating the root of the certificate in a list of trusted CAs and that the certificate has not expired, has not been revoked and that the common name is valid for the website to which you are trying to connect .
- In case the web browser trusts the certificate, it will proceed to create, encrypt and return a symmetric session key making use of the public key of the server.
- After this, the server will decrypt the symmetric session key through the private key and send an encrypted acknowledgment with the session key in order to start the encrypted session.
- With this, both the server and the browser are able to encrypt all data transmitted with the session key and thus protect that information
Next we will learn to install the SSL digital certificate in Chrome in macOS Mojave.
Step 1
To perform this process in macOS Mojave, we open a new session of Google Chrome and click on the option Customize and control Google Chrome and in the expanded list we select the option Configuration:
Step 2
In the next window we will go to the bottom and there we click on the Advanced line:
Step 3
Now, in the Privacy and security section, we locate the option Manage certificates:
Note
We can access this option by entering the line in the address bar
chrome: // settings
Step 4
When clicking there, in the case of macOS Mojave, we will access the Keychain Access window in which all the passwords, secure notes, keys and certificates of the system are managed, there we can see key details such as:
- Name of the issuing entity
Step 5
In order to add our certificate, we go to the line My certificates and from the File menu we select the option Import elements or we can use the key combination Shift + Command + I:
+ ⌘ + I ⇧ + ⌘ + I
Step 6
In the next window we must go to the route where we have downloaded the digital certificate to be installed:
Step 7
Click on the Open button and the following message will be displayed:
Step 8
There we can define which keychain to import as well as see the properties of the certificate if we wish, click on Add and we will see that our certificate has been added:
Step 9
In some situations we can see that our certificate appears as "Not trusted", this is due, as we mentioned, because the developer is not in the CA store, to correct this we will double click on the certificate and in first detail we will see all The information of this certificate:
Step 10
Now we go to the option Trust and in the field When using this certificate if we are sure of its reliability we will select the option Always trust:
Step 11
The following window will be displayed where we will enter our administrator password:
Step 12
We click on the button Update configuration and now we can see that this certificate is found as reliable in the keychains of macOS Mojave:
From this moment we will be sure that the transfer of data and information through this certificate will be fully reliable based on the best security measures provided by this type of certificate.
