Difference between -keyalg RSA and CipherSuite RSA

2019-08-07 04:26发布

问题:

I am trying to understand SSL more in depth but I was confused yesterday when I saw that you could specify -keyalg RSA with keytool.

What is the difference between -keyalg RSA in keytool and a cipher suite which specifies RSA e.g. ECDHE_RSA_WITH_AES_128_CBC_SHA256.

Thanks.

回答1:

'keyalg' specifies the algorithm for a private/public key pair, used in association with X.509 certificates for authentication purposes including the authentication phase of SSL.

Cipher suites specify symmetric keys, message digest algorithms, and authentication methods, for use in SSL sessions.