The Backend Engineering Show with Hussein Nasser

Certificates gone bad | The Backend Engineering Show

Oct 8, 2021

28:09

Creator website

Highlights

AI Chapters

Episode notes

How Do I Trust the Root Certificate?

03:19

How to Decrypt a Private Key in a Message?

04:02

Can You Check if Your Certificate Is Revoked?

04:54

Introduction

3min

Is There a Way to Incrupt a Client?

3min

How to Decrypt a Private Key in a Message?

4min

How Do I Trust the Root Certificate?

3min

Is Your Private Key Leaked?

2min

How to Revoke a Certificate

3min

Can You Check if Your Certificate Is Revoked?

5min

Why Do You Need Shorter Certificates?

2min

How to Recycle Your Private Key All the Time

3min

Certificates contain useful metadata including the public key, domain name, signature, etc. However, the private key can be leaked which causes the certificate to be invalid/dangerous to keep around. In that particular situation, we need a mechanism to revoke certificates and that is what I’m going to discuss in this show.

0:00 Intro

0:30 Why Certificates

12:00 Certificates can go bad

14:50 Certificate Revocation Lists (CRLs)

18:30 OCSP (Online Certificate Status Protocol)

20:40 OCSP Stapling

24:30 Best certificates are short

26:30 Summary

Become a Member on YouTube

https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

🔥 Members Only Content

https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg