Talk With an Expert

SSL/TLS: What's Under the Hood

SSL/TLS: What's Under the Hood (PDF, 12.01MB)Published: 19 Aug, 2013
Created by
Sally Vandeven

Encrypted data, by definition, is obscured data. Most web application authentication happens over HTTPS, which uses SSL/TLS for encryption. Did you ever wonder what that authentication exchange looks like in plaintext? What if you are troubleshooting your HTTPS enabled web application and need to dig deeper down in the OSI model than Firebug or other web developer tools will allow? This paper demonstrates how to easily decrypt and dissect a captured web session without either a proxy middleman or possession of the server's private key. It will walk the reader through the simple steps in a TLS connection in an attempt to reveal the unreasonable mystique surrounding encryption protocols.

SSL/TLS: What's Under the Hood