Knowing and understanding the handshake messages that are exchanged during an SSL handshake is essential to understanding how SSL works on the Web.
This is a fill-in-the-blank exercise. Enter the appropriate handshake message from the list provided below.
HELP. Two of the entries have already been filled in. Additional assistance is provided by the SSL handshake diagram.
ClientHello |
ServerHello |
ServerKeyExchange |
ServerHelloDone |
CertificateRequest |
CertificateMessage |
NoCertificate |
ClientKeyExchange |
Finished |
| Handshake Message | Description |
|---|---|
| The client sends a Hello message to the server to initiate the negotiation of certain SSL session characteristics. | |
ServerHello |
ServerHello is the first response to the client-initiated ClientHello message. ServerHello can contain a server certificate and demand the client to authenticate to the server. |
| If the server has no certificate or the certificate used does not support the Diffie-Hellman protocol, the server must exchange public keys with the client. | |
| This message indicates that the server's portion of the Hello message is complete. | |
The server sends this request to the client, asking the client to authenticate. The client will respond with either a certificate message or a NoCertificate alert. |
|
| The contents of this message differ between the chosen public key algorithms. The client will try to respond with a suitable certificate based on the chosen encryption algorithm. | |
| The client sends this alert stating that no suitable client certificate exists. This response can result in a termination of the SSL process if the server requires authentication. | |
| If the client forced the server to do a key exchange, the client will respond with its public key. | |
Finished |
This message is the last exchange between server and client before data transmission commences. |