How does the client get the certificate chain when verifying a TLS connection?

Asked Mar 07 '21 at 12:53

Active Mar 07 '21 at 13:32

Viewed 22 times

When a client creates a TLS connection, he is given a certificate.

To make sure this certificate is authentic the client must look at the certificate chain.

My question is: How does the client get this chain? Is there a special protocol for asking certificates or is he given a complete chain by the host?

Thanks

edited Mar 07 '21 at 13:32

asked Mar 07 '21 at 12:53

Trigosin Darom

This is covered in [our reference question on TLs](https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work) under “Certificates and Authentication”. – Gilles 'SO- stop being evil' Mar 07 '21 at 13:32

0 Answers0