'SSL Cert Validation between Client and Server
I have some confusion on the SSL Certificate Validation in a Client - Server model.
This is what happens as all of you know Client (C), Server(S), PublicKey(PB), PrivateKey(PK), ServerSSLCert(SR) CABundle(Root + Intermediate) - (CAB)
AS you know client always attaches CAB file when connecting/communicating with server. no server cars are attached.(correct me if I am wrong)
This is what the flow
- Client Sends Hello with all needed Details to Server
- Server Validates the needed things and Sends the Cert to Client
==> So confusion here is ... What is the certificate that server send - is that a Root/Intermediate/Server Cert it exchanges with client ?
==> Will the Client Validate the ServerName (hostname -f) with what is in the Certificates CN/Subject ??
==> Assume the Servername has ALIAS/CNAME (ABCD.dmn.com (real hostname is server.dmn.com)) Since the Client has ABCD.dmn and Subject in Server cert will be different will that validate at network level to certify both are same IP and move further (or) the names are different thus client unable to validate and fails ?
Can some one please explain.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|