2 Digital Certificates
Assignment 7-2: Digital Certificates
COUNTERMEASURES AGAINST CYBERATTACKS
ASYMMETRIC CRYPTOGRAPHY
DIGITAL CERTIFICATES ACTIVITY
Instructions: You will explore digital certificates to build an understanding of the PKI (Public Key Infrastructure) that the Internet relies upon. You will be asked to respond to questions several times, and should record your answers, along with a screenshot of which certificate you are examining.
Files or Resources Needed: You will need access to a device with the Google Chrome browser installed along with Internet access.
Exercise 1: EXAMINE DIGITAL CERTIFICATES
Open Google Chrome and navigate to gmail.com.
Note that the URL starts with “https.” The “s” at the end of https means that secure communication is being used to connect to the webserver.
Also notice the lock by the URL. The lock indicates that HTTPS is being used and it is from a trusted organization. Read more at https://support.google.com/chrome/answer/95617?hl=en.
Click on the lock and then Certificate.
View the certificate for the site and answer these four questions:
Who is the certificate authority on this certificate?
GTS CA 1C3 or known by Google Trust Services LLC. This is the issuer of the certificate.
Who is the certificate issued to?
mail.google.com
What is the associated public key?
00 04 46 E1 CA B1 BD FA 73 F1 8B BB 21 7D EF 86 13 8B 28 CA E0 DC B6 00 F4 8B 6C B7 4D 3A EF C8 9A B5 B4 B6 C0 37 8D 83 8C 23 56 88 6E 97 57 E2 C6 8B 90 0B E4 8A C7 9C 80 36 EC B4 49 65 64 06 BB B5
When does the certificate expire?
Monday, December 19, 2022 at 3:23:59 AM
EXERCISE 2: FIND THE CERTIFICATION PATH
Look at the path of the certification. Click on the immediate parent of *.google.com. This should be an intermediate certificate authority.
View the certificate for this intermediate certificate authority and answer these questions:
Who is the certificate authority on this certificate?
The issuer of this certification is GTS Root R1 under the Google Trust Services LLC organization.
Who is the certificate issued to?
This certificate is issued to GTS CA 1C3.
What is the associated public key?
Modulus (2048 bits): F5 88 DF E7 62 8C 1E 37 F8 37 42 90 7F 6C 87 D0 FB 65 82 25 FD E8 CB 6B A4 FF 6D E9 5A 23 E2 99 F6 1C E9 92 03 99 13 7C 09 0A 8A FA 42 D6 5E 56 24 AA 7A 33 84 1F D1 E9 69 BB B9 74 EC 57 4C 66 68 93 77 37 55 53 FE 39 10 4D B7 34 BB 5F 25 77 37 3B 17 94 EA 3C E5 9D D5 BC C3 B4 43 EB 2E A7 47 EF B0 44 11 63 D8 B4 41 85 DD 41 30 48 93 1B BF B7 F6 E0 45 02 21 E0 96 42 17 CF D9 2B 65 56 34 07 26 04 0D A8 FD 7D CA 2E EF EA 48 7C 37 4D 3F 00 9F 83 DF EF 75 84 2E 79 57 5C FC 57 6E 1A 96 FF FC 8C 9A A6 99 BE 25 D9 7F 96 2C 06 F7 11 2A 02 80 80 EB 63 18 3C 50 49 87 E5 8A CA 5F 19 2B 59 96 81 00 A0 FB 51 DB CA 77 0B 0B C9 96 4F EF 70 49 C7 5C 6D 20 FD 99 B4 B4 E2 CA 2E 77 FD 2D DC 0B B6 6B 13 0C 8C 19 2B 17 96 98 B9 F0 8B F6 A0 27 BB B6 E3 8D 51 8F BD AE C7 9B B1 89 9D
Public Exponent (17 bits): 01 00 01
When does the certificate expire?
9/29/27, 8:00:42 PM EDT
Proceed with this process until you view the certificates of all intermediate authorities and the root authority.
Issuer
GTS Root R1
Issued to
GTS Root R1
Public Key
Modulus (4096 bits): B6 11 02 8B 1E E3 A1 77 9B 3B DC BF 94 3E B7 95 A7 40 3C A1 FD 82 F9 7D 32 06 82 71 F6 F6 8C 7F FB E8 DB BC 6A 2E 97 97 A3 8C 4B F9 2B F6 B1 F9 CE 84 1D B1 F9 C5 97 DE EF B9 F2 A3 E9 BC 12 89 5E A7 AA 52 AB F8 23 27 CB A4 B1 9C 63 DB D7 99 7E F0 0A 5E EB 68 A6 F4 C6 5A 47 0D 4D 10 33 E3 4E B1 13 A3 C8 18 6C 4B EC FC 09 90 DF 9D 64 29 25 23 07 A1 B4 D2 3D 2E 60 E0 CF D2 09 87 BB CD 48 F0 4D C2 C2 7A 88 8A BB BA CF 59 19 D6 AF 8F B0 07 B0 9E 31 F1 82 C1 C0 DF 2E A6 6D 6C 19 0E B5 D8 7E 26 1A 45 03 3D B0 79 A4 94 28 AD 0F 7F 26 E5 A8 08 FE 96 E8 3C 68 94 53 EE 83 3A 88 2B 15 96 09 B2 E0 7A 8C 2E 75 D6 9C EB A7 56 64 8F 96 4F 68 AE 3D 97 C2 84 8F C0 BC 40 C0 0B 5C BD F6 87 B3 35 6C AC 18 50 7F 84 E0 4C CD 92 D3 20 E9 33 BC 52 99 AF 32 B5 29 B3 25 2A B4 48 F9 72 E1 CA 64 F7 E6 82 10 8D E8 9D C2 8A 88 FA 38 66 8A FC 63 F9 01 F9 78 FD 7B 5C 77 FA 76 87 FA EC DF B1 0E 79 95 57 B4 BD 26 EF D6 01 D1 EB 16 0A BB 8E 0B B5 C5 C5 8A 55 AB D3 AC EA 91 4B 29 CC 19 A4 32 25 4E 2A F1 65 44 D0 02 CE AA CE 49 B4 EA 9F 7C 83 B0 40 7B E7 43 AB A7 6C A3 8F 7D 89 81 FA 4C A5 FF D5 8E C3 CE 4B E0 B5 D8 B3 8E 45 CF 76 C0 ED 40 2B FD 53 0F B0 A7 D5 3B 0D B1 8A A2 03 DE 31 AD CC 77 EA 6F 7B 3E D6 DF 91 22 12 E6 BE FA D8 32 FC 10 63 14 51 72 DE 5D D6 16 93 BD 29 68 33 EF 3A 66 EC 07 8A 26 DF 13 D7 57 65 78 27 DE 5E 49 14 00 A2 00 7F 9A A8 21 B6 A9 B1 95 B0 A5 B9 0D 16 11 DA C7 6C 48 3C 40 E0 7E 0D 5A CD 56 3C D1 97 05 B9 CB 4B ED 39 4B 9C C4 3F D2 55 13 6E 24 B0 D6 71 FA F4 C1 BA CC ED 1B F5 FE 81 41 D8 00 98 3D 3A C8 AE 7A 98 37 18 05 95
Public Exponent (17 bits): 01 00 01
Expiration
6/21/36, 8:00:00 PM EDT
Exercise 3: Two Additional Sites
https://www.champlain.edu
Issuer
DigiCert Inc
Subject
.champlain.edu
Public Key
Modulus (2048 bits): C3 58 CF BE C6 C0 D9 04 90 1E F3 FE 6B B9 17 FD B4 57 E6 89 96 F2 F5 ED 5B DB 43 4F B2 35 3B 2A 20 15 9F 1A DA B4 CF 73 A0 81 AA F4 70 11 DF B9 2F 96 E6 68 0E CC 31 0C 1C A7 02 20 D4 83 EA DF 79 05 69 29 28 C2 18 D0 A5 F4 D4 B5 51 A4 F8 CF 51 34 87 01 C3 4B 33 4F F1 A1 28 4F 97 E6 4C AA 25 1E C6 AC 48 63 20 29 C9 7B 36 8B 20 B5 BA 5C 7A C6 08 00 D0 82 90 1F 76 A6 5E C2 D1 6D 9C 02 D9 C2 2B 7D 03 64 58 6A 8F 70 1B A7 EC 83 B6 BD C1 4C 5E D6 13 19 3E 7B E3 D6 2E 69 99 4C A6 24 3B 7C 2F B9 0B A5 4F DD 90 6F AF E3 0D EA 38 30 C9 08 19 90 C4 4E 5D C1 D9 13 A7 52 C7 3C 0F 43 AA 4B E6 63 33 2A 80 F2 F4 9A FF 39 D2 15 0A A8 53 85 C9 F8 5A 24 E2 EF 9D CD B3 6F DA C3 16 01 B9 DC F3 66 D8 97 35 49 57 41 85 D5 88 1E C8 10 7F 2E B8 1A 3C 02 45 48 2C B6 E9 BB 43 F9 BC 3D
Public Exponent (17 bits): 01 00 01
Expiration
7/25/23, 7:59:59 PM EDT
Issuer 2
DigiCert Global Root CA
Subject 2
DigiCert TLS RSA SHA256 2020 CA1
Public Key 2
Modulus (2048 bits): C1 4B B3 65 47 70 BC DD 4F 58 DB EC 9C ED C3 66 E5 1F 31 13 54 AD 4A 66 46 1F 2C 0A EC 64 07 E5 2E DC DC B9 0A 20 ED DF E3 C4 D0 9E 9A A9 7A 1D 82 88 E5 11 56 DB 1E 9F 58 C2 51 E7 2C 34 0D 2E D2 92 E1 56 CB F1 79 5F B3 BB 87 CA 25 03 7B 9A 52 41 66 10 60 4F 57 13 49 F0 E8 37 67 83 DF E7 D3 4B 67 4C 22 51 A6 DF 0E 99 10 ED 57 51 74 26 E2 7D C7 CA 62 2E 13 1B 7F 23 88 25 53 6F C1 34 58 00 8B 84 FF F8 BE A7 58 49 22 7B 96 AD A2 88 9B 15 BC A0 7C DF E9 51 A8 D5 B0 ED 37 E2 36 B4 82 4B 62 B5 49 9A EC C7 67 D6 E3 3E F5 E3 D6 12 5E 44 F1 BF 71 42 7D 58 84 03 80 B1 81 01 FA F9 CA 32 BB B4 8E 27 87 27 C5 2B 74 D4 A8 D6 97 DE C3 64 F9 CA CE 53 A2 56 BC 78 17 8E 49 03 29 AE FB 49 4F A4 15 B9 CE F2 5C 19 57 6D 6B 79 A7 2B A2 27 20 13 B5 D0 3D 40 D3 21 30 07 93 EA 99 F5
Public Exponent (17 bits): 01 00 01
Expiration 2
9/23/30, 7:59:59 PM EDT
Issuer 3
DigiCert Global Root CA
Subject 3
DigiCert Global Root CA
Pub key 3
Modulus (2048 bits): E2 3B E1 11 72 DE A8 A4 D3 A3 57 AA 50 A2 8F 0B 77 90 C9 A2 A5 EE 12 CE 96 5B 01 09 20 CC 01 93 A7 4E 30 B7 53 F7 43 C4 69 00 57 9D E2 8D 22 DD 87 06 40 00 81 09 CE CE 1B 83 BF DF CD 3B 71 46 E2 D6 66 C7 05 B3 76 27 16 8F 7B 9E 1E 95 7D EE B7 48 A3 08 DA D6 AF 7A 0C 39 06 65 7F 4A 5D 1F BC 17 F8 AB BE EE 28 D7 74 7F 7A 78 99 59 85 68 6E 5C 23 32 4B BF 4E C0 E8 5A 6D E3 70 BF 77 10 BF FC 01 F6 85 D9 A8 44 10 58 32 A9 75 18 D5 D1 A2 BE 47 E2 27 6A F4 9A 33 F8 49 08 60 8B D4 5F B4 3A 84 BF A1 AA 4A 4C 7D 3E CF 4F 5F 6C 76 5E A0 4B 37 91 9E DC 22 E6 6D CE 14 1A 8E 6A CB FE CD B3 14 64 17 C7 5B 29 9E 32 BF F2 EE FA D3 0B 42 D4 AB B7 41 32 DA 0C D4 EF F8 81 D5 BB 8D 58 3F B5 1B E8 49 28 A2 70 DA 31 04 DD F7 B2 16 F2 4C 0A 4E 07 A8 ED 4A 3D 5E B5 7F A3 90 C3 AF 27
Public Exponent (17 bits): 01 00 01
Expiration 3
11/9/31, 7:00:00 PM EST
https://www.minecraft.net
Issuer
Microsoft Azure TLS Issuing CA 06
Subject
*.minecraft.net
Pub key
Modulus (2048 bits): AF 49 97 9E 17 BD 11 B2 B7 3A 48 32 AE D0 54 29 5C 66 B0 48 0C DD 90 B4 AD FD 87 77 64 87 08 C4 73 18 01 9E 7F 26 EA 17 0C 4B 81 54 D2 84 06 B0 A7 49 C9 38 29 E1 A0 93 94 C8 FA C0 8E 6F 03 27 22 FC 08 DD EB CD 0C 56 66 0C 65 E0 35 B7 8B 4B 3D EF DE 38 D2 DF 9B 2F AA FE 80 11 B8 88 B2 11 12 D3 09 82 6E 2F 03 1C 9E 8A 5D 8F 73 03 AC B6 58 EB AE 34 18 E5 4A E0 73 78 5B 0F 6A 14 47 EC 31 E1 14 85 B7 92 42 DD 03 8D 96 22 1D 35 2F 4E 2F 50 DC 17 87 38 06 D3 DF 55 A5 4F 38 91 69 D5 19 97 F7 D8 68 7F 25 5A 10 32 9D 23 25 B6 70 F5 8B DD 61 B3 AE CF 18 17 DA 8A EF 4F 2B 09 76 EB 3F CC 78 EA F0 23 E8 F5 E9 12 C7 11 02 78 45 E5 21 8F D5 EE 7B 80 3E 5A 9D 47 4A BA 4D C4 D7 4E 56 27 19 25 DF 3E 91 45 75 88 F0 51 90 3D 12 2E 6D 6C 5C 8F D7 01 E8 AC 7B 2D 79 FB 65 81 BC B7
Public Exponent (17 bits): 01 00 01
Expiration
8/27/23, 6:50:14 PM EDT
Issuer 2
DigiCert Global Root G2
Subject 2
Microsoft Azure TLS Issuing CA 06
Pub key 2
Modulus (4096 bits): B5 46 01 19 79 E9 BC 77 28 15 12 1A E3 DC E0 7E 6E A0 D1 64 14 7E 1E EE 9B D3 0B 14 62 E2 3F FE CF E5 DB C2 31 33 FB 90 A2 A4 33 AA 8F 1F 7F 8D 68 EC 90 BE 5D 93 B3 DA 42 4C C8 B6 27 6C 00 09 C3 09 6D 65 79 90 4E 22 2E BC 2D F7 F5 6E 34 DE 66 03 18 8B 07 51 77 76 37 F5 BF E5 70 6A 62 B8 FD 9D DB 75 BD E5 81 E4 30 C4 FC 22 55 A8 B1 82 17 D1 FE 24 61 BE B6 AE 98 72 7E 70 23 61 BF F8 39 DF 7D 4E 19 E1 94 0C 46 B5 FB D2 6D 77 01 54 82 82 61 F6 60 A9 1B D5 FB 99 51 79 49 DD D5 A3 63 45 85 73 3C EA 22 7E 04 B1 D9 F4 72 CB 5F A9 3B 55 33 68 C3 0D 9C 83 84 EF 56 D5 61 6D 00 D6 1A F5 F7 0E E4 39 BD 0A 90 95 E8 00 B4 C3 0E 3D 6E 91 41 03 A9 0B 81 7C 1C 51 78 BE 66 5E 2B B5 3B B5 86 D2 F9 6D 83 45 59 FD 26 73 72 D0 6C 74 19 71 D4 19 26 59 80 56 DB AD 4A 66 00 62 BE BA A5 E4 42 D3 28 A7 7C AA 0B 47 70 B4 00 E5 F9 7A 24 1D 10 82 CE 57 0D A5 9E 84 DF 3A 1A 9B 39 25 6F 00 AE 31 AD 8D C5 80 20 FF 97 F0 24 1A 59 F6 82 9E E4 66 E8 19 3F D3 73 D0 5A 18 1D 8B CE 2A C0 0D 2C B1 17 C5 27 01 D4 3D 33 52 9C 4F 04 88 65 64 D9 FA ED D2 EF 0F 1B 5A 70 49 0B 05 B8 D2 5F 71 82 07 12 FD 6F 3B 33 FB B8 43 AE 0F 27 6C 98 28 E1 97 1B A8 2B 69 F9 FF 66 95 47 70 4C 4E EF A9 E3 E8 25 F1 A9 57 A0 1C 9C C8 B9 A3 DC 9F CF 52 0A 83 F1 22 F9 7D 30 94 7A 01 AC 76 26 BF 49 AE B4 37 6A 15 EE F4 35 EF 08 CC 37 E2 D7 6B 6A E3 8F F6 F8 66 56 60 5D 5A 23 0E 60 23 0F 02 11 74 35 2E 8D 0B B4 45 5B 09 A8 52 CC CD 22 07 A6 9D 82 66 9E E6 22 82 EB C9 26 B2 D9 86 01 BB B4 A2 37 02 FD E5 7E 87 7B 69 12 F1 E7 9F 04 11 E3 CF 05 BF F4 5C 46 AA BC B9 EE 2E F5 73 67 03
Public Exponent (17 bits): 01 00 01
Expiration 2
6/27/24, 7:59:59 PM EDT
Issuer 3
DigiCert Global Root G2
Subject 3
DigiCert Global Root G2
Pub key 3
Modulus (2048 bits): BB 37 CD 34 DC 7B 6B C9 B2 68 90 AD 4A 75 FF 46 BA 21 0A 08 8D F5 19 54 C9 FB 88 DB F3 AE F2 3A 89 91 3C 7A E6 AB 06 1A 6B CF AC 2D E8 5E 09 24 44 BA 62 9A 7E D6 A3 A8 7E E0 54 75 20 05 AC 50 B7 9C 63 1A 6C 30 DC DA 1F 19 B1 D7 1E DE FD D7 E0 CB 94 83 37 AE EC 1F 43 4E DD 7B 2C D2 BD 2E A5 2F E4 A9 B8 AD 3A D4 99 A4 B6 25 E9 9B 6B 00 60 92 60 FF 4F 21 49 18 F7 67 90 AB 61 06 9C 8F F2 BA E9 B4 E9 92 32 6B B5 F3 57 E8 5D 1B CD 8C 1D AB 95 04 95 49 F3 35 2D 96 E3 49 6D DD 77 E3 FB 49 4B B4 AC 55 07 A9 8F 95 B3 B4 23 BB 4C 6D 45 F0 F6 A9 B2 95 30 B4 FD 4C 55 8C 27 4A 57 14 7C 82 9D CD 73 92 D3 16 4A 06 0C 8C 50 D1 8F 1E 09 BE 17 A1 E6 21 CA FD 83 E5 10 BC 83 A5 0A C4 67 28 F6 73 14 14 3D 46 76 C3 87 14 89 21 34 4D AF 0F 45 0C A6 49 A1 BA BB 9C C5 B1 33 83 29 85
Public Exponent (17 bits): 01 00 01
Expiration 3
1/15/38, 7:00:00 AM EST
Figure 1: Instagram Certification Path
Be sure to include a screenshot of the certificate you are looking at, and label everything clearly.
Figure 2: Instagram Certificate, *www.instagram.com, lowest level
What is the URL of the https:// site?
Who is the certificate authority on this certificate?
Who is the certificate issued to?
What is the associated public key?
When does the certificate expire?
Last updated