SSL 通信期间 Web 服务器上是否需要私钥? [英] Is private key required on web server during SSL communication?

问题描述

在 SSL 通信期间，Web 服务器上是否需要私钥?我读过:

Does private key is required on web server during SSL communication? I've read:

在 SSL 中，每一方使用随机数单独计算密钥双方已知的值.双方然后发送加密的消息使用密钥

In SSL, each party calculates the secret key individually using random values known to each side. The parties then send messages encrypted using the secret key

和

私钥是为会话随机生成的密钥，不是存储.

The private key is a randomly generated key for the session and is not stored.

以上引文涉及 Oracle 应用服务器 SSL 通信，但我认为应该涉及一般 SSL 通信.您能解释一下，私钥的作用是什么(到目前为止，我认为在 SSL 期间 Web 服务器上需要私钥).

Above quotations relate Oracle Application Server SSL communication, but I think it should concern general SSL communication. Could you explain, what is role of private key (so far I think private key is required on web server during SSL).

推荐答案

是的，在 SSL 握手期间需要私钥，因为它用于证明服务器确实是已部署证书的公钥的所有者.
但是公钥/私钥对不用于加密应用程序消息.它们仅用于握手过程中，通过传输到客户端的加密参数创建一个共享密钥，以便计算它并用于对称数据加密.握手成功完成.

Yes, the private key is required during the SSL handshake as it is used to prove that the server is indeed the owner of the Public Key of the deployed certificate.
But the Public/Private key pair are not used for encryption of the application messages. They are used only in the handshake which creates in the process a shared key by cryptographic parameters transmitted to the client in order to calculate it and used for the symmetric encryption of data after the handshake completes succesfully.

这篇关于SSL 通信期间 Web 服务器上是否需要私钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！