SSL Handshake Procedure
The following procedure is an example of the standard steps required to establish an SSL session between a user and an SMA gateway using the Secure Mobile Access web-based management interface:
- When a user attempts to connect to the SMA appliance, the user’s Web browser sends information about the types of encryption supported by the browser to the appliance.
- The appliance sends the user its own encryption information, including an SSL certificate with a public encryption key.
- The Web browser validates the SSL certificate with the Certificate Authority identified by the SSL certificate.
- The Web browser generates a pre-master encryption key, encrypts the pre-master key using the public key included with the SSL certificate and sends the encrypted pre-master key to the SMA gateway.
- The SMA gateway uses the pre-master key to create a master key and sends the new master key to the user’s Web browser.
- The browser and the SMA gateway use the master key and the agreed-upon encryption algorithm to establish an SSL connection. From this point on, the user and the SMA gateway encrypt and decrypt data using the same encryption key. This is called symmetric encryption.
- After the SSL connection is established, the SMA gateway encrypts and sends the Web browser the SMA gateway login page.
- The user submits their username, password, and domain name.
- If the user’s domain name requires authentication through a RADIUS, LDAP, or Active Directory Server, the SMA gateway forwards the user’s information to the appropriate server for authentication.
- After being authenticated, the user can access the Secure Mobile Access portal.