What is Insecure SSL Lack of Forward Secrecy Vulnerability?

You acquire an SSL certificate, install it on your server, and configure your website to use it to protect communications between you and your end users. The SSL connection is established when the end user’s browser initiates a handshake with your website.

During this handshake, the browser and the server exchange information about their capabilities, the certificate is validated, and a session key acceptable to both sides is established. Once the session key is generated, the rest of the dialogue between the end user and your site is encrypted with it. Historically, the RSA public-key cryptosystem was the most commonly used technique for negotiating the session key. With RSA key exchange, the browser encrypts the session key material it has generated with the server’s public key before sending it to the server, and the server decrypts that part of the handshake with its matching private key.

When the RSA key exchange method is used, the server’s long-term key pair is tied to the session key of every secure session. As a result, an attacker who obtains the server’s private key can decrypt not only your current SSL connections but also any SSL sessions they have previously recorded.

When Perfect Forward Secrecy (PFS) is enabled, there is no such relationship between your server’s private key and the individual session keys. An attacker who gains access to your server’s private key is therefore unable to decrypt any of your recorded sessions, which is why the property is called “Perfect Forward Secrecy.”
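A practical way to check for this finding is to inspect which key-exchange methods a TLS configuration still offers. The following added example (not part of the original article or of ZOFixer’s scanner) uses Python’s standard `ssl` module: a “weak” server context that still allows static RSA key exchange is placed beside a hardened one that only offers ephemeral (EC)DHE suites, and the `kea` field reported by `SSLContext.get_ciphers()` is used to classify each suite. The cipher strings and the `negotiated_key_exchange` helper are the author’s own choices for illustration.

```python
import socket
import ssl

# Key-exchange methods (the 'kea' field of SSLContext.get_ciphers()) that derive
# a fresh ephemeral secret per session, so a leaked server private key cannot
# unlock recorded traffic. Static RSA key exchange reports 'kx-rsa' and is excluded.
FORWARD_SECRET_KEA = {"kx-ecdhe", "kx-dhe", "kx-ecdhe-psk", "kx-dhe-psk"}


def has_forward_secrecy(cipher):
    """Classify one cipher-suite dict as returned by SSLContext.get_ciphers()."""
    if cipher["protocol"] == "TLSv1.3":
        return True  # TLS 1.3 removed static RSA key exchange entirely
    return cipher["kea"] in FORWARD_SECRET_KEA


def audit_context(ctx):
    """Return (forward_secret_suites, static_kx_suites) enabled on a context."""
    fs, static = [], []
    for cipher in ctx.get_ciphers():
        (fs if has_forward_secrecy(cipher) else static).append(cipher["name"])
    return fs, static


def weak_server_context():
    """Configuration with the finding: static RSA key exchange (kRSA) is still offered."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers("ECDHE+AESGCM:kRSA+AESGCM")  # kRSA = RSA key exchange suites
    return ctx


def hardened_server_context():
    """Corrected configuration: only ephemeral (EC)DHE suites for TLS 1.2."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM")
    return ctx


def negotiated_key_exchange(host, port=443):
    """Connect to a live server and report whether the negotiated suite is forward secret."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            name, version, _bits = tls.cipher()
    details = next((c for c in ctx.get_ciphers() if c["name"] == name), None)
    return name, version, details is not None and has_forward_secrecy(details)


if __name__ == "__main__":
    for label, ctx in (("weak", weak_server_context()), ("hardened", hardened_server_context())):
        fs, static = audit_context(ctx)
        print(f"{label}: {len(fs)} forward-secret suites; static key exchange: {static or 'none'}")
```

Running the script prints the static-key-exchange suites (such as `AES256-GCM-SHA384`) left in the weak context and none in the hardened one; `negotiated_key_exchange("your.server.example")` performs the same check against a live host.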

The ZOFixer.com security scan helps you find this vulnerability in your software and server; you can use it by registering on our website and activating the 30-day trial.
