Best video on TLS and mTLS hands down
Please can you give a typical example of what a service to service or B2B Application is? I suppose that's where mTLS can be used in practice.
An example is the integration with some enterprise applications like a CRM system, billing system, etc.
@@TutorialsPediaVideos For example would a billing application talking to a procurement application be referred to as service to service communication?
Yes.
Good one thank you. Does the server use trust store or Identity key store to present its certificate? Guessing it’s identity keystore?
Hello,
Can anyone show the source code of the above explained handshake? Where it is located on the client's end that performs all these ops?
What is missing here is: What is the role of the private keys on server and client side. From your explanation it is not clear why private keys are needed at all
Thank you !
I want to secure a UDP socket connection between a client and server. How can I do that? Your help will be appreciated.
It is very clear to understand, thanks
Can there be a situation with a root CA and server certificate but no intermediate certificate? Will the connection and communication happen?
Can you please share an example? If 2-way SSL needs to be established, what are the steps to follow to do so using OpenSSL...
Dear Sai,
In case of two way SSL, both client & server will have to share public certificate with each other and both will maintain their keystores and truststores on respective sides.
@@TutorialsPediaVideos Yes, we did, but unfortunately we are missing the client certificate when making a httpWebRequest using C# code. We were given the API URL and key, and we are passing the certificate...
@@Phanindra421 did you find any tutorial for 2 way ssl?
@@Phanindra421 I have the same requirement. How did you configure this? Can you please help me?
@@StayForAWhile this process is involved:
1. First, service owners will create their message, and then
2. we as a receiver need to encrypt and share the message with OpenSSL, then
3. the same message will be used to create the certificate by the service owners
and share to the receiver....
Thus the process works.
All the best.
Man, I usually skip on Indian videos but thank you for the nice and simple explanation about mTLS. I really enjoyed it and took a few notes!
Thanks Dan for your blunt yet honest feedback. By the way I am Pakistani not Indian :)
@@TutorialsPediaVideos hehe, yeah... this is why people do not like me: my running mouth :-). Regardless man, really nice and educating video. Good work!
I am just curious to know if we are supposed to close the connection once the data exchange post step 11 is finished.
@tutorials Pedia - What is the difference between mutual SSL and mutual TLS? Which one is more robust for API integration?
TLS is a successor to SSL and is more secure. You can read more in my article below:
tutorialspedia.com/ssl-vs-tls-what-is-the-difference-between-ssl-and-tls/
Thanks! Very informative tutorial.
Glad that it helped.
So if TIBCO works in this way and I use a leaf certificate signed with a CA that is about to expire, do I have to trust my leaf again with a new CA or can I replace the root CA?
Assalam o Alaikom, bro would you give us a practical demo on this lecture?
In this protocol what proof does the server have that the client possesses the private key associated with the certificate they presented?
The client encrypts the pre master secret with the server public key, so this only works if the server actually possesses the private key, but the described protocol doesn't seem to make use of the client private key at all.
The client generates the pre master secret and needs to send it securely to the server so both sides can generate a shared secret symmetric key. The client proves its identity with the help of a trusted signed cert it presents to the server.
Hello, in 2-way SSL you have shown a client and server example, but it should be a server on both sides, because you just explained that 2-way SSL happens between server and server.
Yes, it is for B2B, but when two servers communicate, they act in the client role and server role on either side depending on request flows. So technically, they have both roles.
Thanks... It helped.
You are welcome.
step seven - should be "encrypting" it with server's public key - not "signing"
exactly what I want to point out.
Thank you!!!
Nice
awesome
I don't think it is correct to say that in one-way authentication only the client authenticates. It entirely depends on how the configuration has been set for TLS. If we have enabled it, authentication of the peer will happen, else not. So it doesn't matter if I am a client or a server; it is about the local settings.