SENA SS800 User Manual

57

9.

The server sends a message to the client informing it that future messages from the server will

be encrypted with the session key. It then sends a separate (encrypted) message indicating

that the server portion of the handshake is finished.

10. The SSL/TLS handshake is now complete, and the SSL/TLS session has begun. The client

and the server use the session keys to encrypt and decrypt the data they send to each other

and to validate its integrity.

Client

Client Hello

Certificate

ClientKeyExchange

CertificateVerify

Application Data

ChangeCiperSpec

Server Hello

Certificate

ServerKeyExchange

CertificateRequest

ServerHelloDone

ChangeCiperSpec

Application Data

Handshake

Finished

Plain

Text

Cipher

Text

Server

Figure 4-10 Typical SSL/TLS Handshake Process

The Super Series can act as a SSL/TLS server or as a SSL/TLS client depending on status of TCP

mode. If TCP connection with SSL/TLS is initiated from remote host first, Super Series acts as a

SSL/TLS server during the SSL handshake process. On the contrary, if TCP connection with SSL/TLS

is initiated from serial port of Super Series first, Super Series acts as a SSL/TLS client during the SSL

handshake process.

When user uses SSL/TLS cryptography method, user can configure following parameters.



Enable/Disable cipher suites

A cipher suite is an object that specifies the asymmetric, symmetric and hash algorithms that are used

to secure an SSL/TLS connection. The asymmetric algorithm is used to verify the identity of the server

(and optionally, that of the client) and to securely exchange secret key information. The symmetric