Skip to Content
0

Certificate vs Keys

Dec 07, 2016 at 09:46 AM

52

avatar image

Hi SDNites,

I am trying to set up a SSL connection for SOAP over HTTPS. While doing that, I wanted to get more details on Certificates and keys and what is the difefrence between them and either of them is used in which scenario.

Any help on above is appreciated.

Regards,

Abhi

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Harish Mistri Dec 08, 2016 at 12:12 AM
0

Hi Abhishek,

The certificate is pair of key. The public and private key. So every certificate contains the key.

In HTTPs protocol sender system encrypt the message using public key of receiver and then receive will decrypt using its private key.

regards,

Harish

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Small addition to Harish's answer: certificate contains only public key.

Regards, Evgeniy.

0
Abhishek Gupta Dec 09, 2016 at 11:21 AM
0

Harish / Evgeniy - Thanks for your response.

As Evegeniy mentioned Certificate comprise of Public key. My understanding is also the same.

In my scenario, I have generated a self signed certificate and a private key on behalf of 3rd party as I am using SOAP UI for testing. The self signed certificate generated is uploaded in PI NWA under ICM_SSL***** and the Private key is used in SOAP UI to send the request from SOAP UI to SAP PI.

1. In this case if I pass the certificate and pass user name and password as well, I am getting error as client certificate required.

2. if I pass the certificate and don't pass user name and password as well, I am getting error as unauthorized. (My understanding is this approach is correct and if it is why I am getting this error)

Also here I getting the certificate only from 3rd party and we are not passing any certificate to them. My understanding is this is client authentication and as we are not providing anything to client they will not be able to authenticate us. Please confirm.

Also due to HTTPS, data gets encrypted automatically and we do not mandatory require to exchange certificates for encryption. Please confirm.

Share
10 |10000 characters needed characters left characters exceeded