Changes

Jump to: navigation, search

SRT210 Lab 7

514 bytes added, 20:06, 22 March 2019
Objectives
= Objectives =
* Understand the basics of public key encryption from a practical point of view.* Set up a Certificate Authority.* Create certificate+key pairs for servers, signed by your own CA.* Set up Apache to serve pages over HTTPS.
= PART 1: ENCRYPTION FOR NETWORK SERVICES =
[[File:ConnectionNotSecure.png]]
* Go to the Firefox Preferences, and add a root authority certificate, like so:
[[File:FirefoxAddCA.png]]
* Now you should be able to go to https://lin1.yourusername.ops without any warnings. Furthermore, if you had more web servers: you could use your new CA to create keys for many of your own servers, and you could use those keys not just for web servers but for mail servers, LDAP servers, etc.
 
= PART 3: SNIFFING HTTPS TRAFFIC =
 
* Go through the exercise again of sniffing the traffic between <code>alice</code> and <code>lin1</code> using tcpdump while you log in to your webpage in Firefox.
* Open the resulting file in Wireshark and see if you can still find your password there.
= Lab completion =

Navigation menu