I got the SSL handshake process that provides Authentication/Confidentiality/Integrity. But still I have some doubts listed below in my mind that I am not able to answer. Please help.
- What is mean by certificate? What is its format? How a public key is embedded in it? And how it is retrieved by the client if they trust the particular CA?
- Lets say you got the certificate. Now what is mean by signing a message by this certificate? What exactly we do?
- is certificate and digital signature same? Is signing a message with signature or certificate same?