How networking secures the connection between Certificate Authority and Client? [closed]

networking https certificate-authority

I know HTTPS is based on the Certificate Authority (CA). If a client tries to send a request to a server (Assuming there is a Certificate), is it possible that a middleman can take the certificate from client and get the public key from the CA? At the same time, the middleman gives a fake Certificate to the Client and when the client sends a Certificate to CA, the middleman again intercepts it and give him fake public key.

I hope my question is clear enough. Thanks.


Under normal circumstances the client doesn't connect to the CA when making a HTTPS (or any other TLS) connection, they have a local copy of all the CA certificates they trust to issue server certificates.

So the client connects to the server, which sends the client a copy of it's server certificate, this contains a hash signed by the CA's private key, which is checked with the client's local copy of the CA's public key.

Related

Audit policy being overwritten by "something"
TCP passthrough for HTTP connection with haproxy
Couldn't load target `NOTRACK':No such file or directory
High Linux loads on low CPU/memory usage
Tuning Linux disk caching behaviour for maximum throughput
Anything Close to an NSA Guide for Securing RHEL 6 [closed]
postfix system "mail name"
Hosting multiple domains on a single email server with one IP
cpanel - I'd like to add CNAME for domain.com [duplicate]
Automatically sign all commits with git [closed]
Apache httpd error "proxy: ap_get_scoreboard_lb" with ProxyPass
Prevent apt-check from eating all my memory