Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Ilya bow2016-03-27 16:03:38
System administration
Ilya bow, 2016-03-27 16:03:38

Guys, is it possible to pull out a certificate from someone else's site and put it on your site?

And if it is possible, how to do it?
And another question is a bit of a curve though.
What exactly is the certificate issued for? domain or ip address? Or is it completely different there?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
A
Andrew, 2016-03-27
@OLS

First, the site administrator creates a key pair: a secret private key (which the server will "sign" pages sent to the Internet) and a public public key (which everyone will use to check these pages). (Actually, it's a little more complicated.) The second action is the site administrator sends a public key to one of the certification centers, they (in various ways) check the fact that the sender is really the administrator of the domain for which he wants to issue a certificate, and if everything is OK, then they issue a certificate (the certificate is an open site key, signed by the electronic signature of the CA).
Now for your questions:
The certificate is already publicly available. Your goal is really to "pull out the private key" so that your site can sign requests on behalf of that site. If the administrator is in trouble with his head, then you will not get access to the private key.
However ! If you have the ability to add certificates to the list of trusted ones on the client machine, then nothing prevents you from adding your own root self-signed certificate there, and then issuing your own for the name of the domain you want to intercept. For example, you can read how squid does it - the search keyword "ssl bump".
Domain + (more expensive) organization, additionally confirming the fact that the organization owns this domain.

Report
C
CityCat4, 2016-03-27
@CityCat4

1. You can. Having admin rights on that site :)
2. To a domain or a group of domains. Or a person. Or a device. A certificate is a kind of electronic document that confirms certain information with the authority of the organization that issued it. That is why many look askance at free certificates. The certificate has nothing to do with IP addresses.

Report
D
Dmitry Belyaev, 2016-03-27
@bingo347

You can pull it out, only there will be 0 sense from it, you still won’t get a private key from it.

What exactly is the certificate issued for? domain or ip address? Or is it completely different there?
The certificate confirms that the person who received it is the owner of the domain, in fact, this provides a guarantee that the traffic was not intercepted in the middle.
The question is, why are you doing this? Today you can get an official certificate for free, for example from Let'sEncrypt

Similar questions
V
Vladimir Chernyshev2013-03-08 00:00:22
Where and how to put your scripts and how best to store them? 5Reply
E
Egor Irvin2021-09-02 08:58:17
What tools can be used to connect to a Linux PC from a Windows PC over LAN to achieve 30-60 FPS? 4Reply
T
Trees12020-06-13 14:45:17
Software under linux, to view the network load? 2Reply
A
Alexander Yudaev2013-03-20 12:45:18
Virtual desktops on Linux? 4Reply
N
nonname2013-03-20 14:50:31
Soft RAID1 loses superblock after reboot 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question