→Obtaining a Certificate
== Obtaining a Certificate ==
In the real world the process
for obtaining a certificate looks like this:
# '''You''': Create a certificate request (often abbreviated as CSR). You don't need to do it on the server that requires the certificate. Typically this is done on a commandline with the openssl command.
# '''Clients''': When someone connects to your server using a secure mechanism, they first ask your server for a copy of your certificate (public key). Then they verify that a CA they trust signed that certificate and it's not expired. Following that they can encrypt messages they send to your server using the public key it gave them.
In our case each of you will be all three of the above: '''You''', the '''CA''', and the '''clients'''. That will allow us to do all this stuff in one lab.
= Lab completion =