SSL Keys and Certificates

The SSL protocol allows the transmission of secure data between a server and client who both have the keys to decode the transmission and the certificates to verify trust between them.

An SSL certificate is a digital document containing a public key, host information, and a digital signature from the certificate issuer, known as a Certificate Authorities (CAs). The certificate allows trust to be established between two communicating endpoints.

The inline SSL decryption solution has a trust store, which is a collection of certificates of CAs. Gigamon only trusts server certificates that have a trust anchor in the configured trust store, in other words, if the certificate chain can be built with one of the root CAs in the trust store. Gigamon ships with a default trust store, which you can replace.

The inline SSL decryption solution acts as a Man-in-the-Middle (MitM). In the outbound deployment case, the MitM generates server certificates on-the-fly signed by the installed Signing CA. In the inbound deployment case, server certificate generation is not needed but the server's private key and certificate chain need to be made available to the MitM.

The inline SSL decryption solution also has a key store, which is a collection of SSL private keys (for inbound deployments) and SSL certificates and corresponding private keys that are used to digitally sign the emulated server certificates (for outbound deployments).

Figure 1 shows a sample certificate and its relevant parts.

Figure 95 Sample Certificate