Secure Sockets Layer (SSL) with CA Signed Certificates

Secure Sockets Layer (Transport Layer Security (TLS) more accurately) is the technology that you can use for a secure connection. The root certificate, often called a trusted root, is at the center of the trust model that provides support for the Public Key Infrastructure issued by trusted Certificate Authority. In the SSL ecosystem, you can generate a signing key and sign a new certificate with that signature. The certificate is considered valid only when it gets directly signed by a trusted Certificate Authority (CA). To validate the certificate, the device compares the certificate issuer with the list of trusted CAs. If there is no match, the client checks to see if the certificate of the issuing CA was issued by a trusted CA, and this continues until the end of the certificate chain where the root certificate issued by a trusted Certificate Authority is found.

The following image shows the HTTPS communication from Root CA and KVM on RHEL 8.10:

The following figure shows the Certificate Authority in RHEL 8.10: