Ready for the real environment experience?
SSL/TLS is the standard for securing communications over a network. There are clear security benefits of deploying SSL/TLS on your web servers and other applications requiring secure communication. However, there are many decisions to make when deploying SSL/TLS. This Lab teaches you about several areas you need to consider before getting hands-on practice with a variety of tools for working with SSL/TLS.
In this Lab, you will learn about SSL/TLS best practices and a variety of tools in the SSL/TLS toolkit to help ensure your deployments are configured they way you expect them to be. You will also use tools that help protect you as new vulnerabilities are discovered and the security landscape expands.
Upon completion of this Lab you will be able to:
- Understand and reason about SSL/TLS deployment decisions
- Analyze SSL/TLS deployments of public and private websites
- Understand the role of clients in SSL/TLS security
- Use OpenSSL to create keys and test SSL/TLS deployments
- Create an internal certificate authority (CA) and sign certificates with it
You should be familiar with:
- Linux basics such as file permissions and working on the command line
- The difference between HTTP and HTTPS
Before completing the Lab instructions, the environment will look as follows:
After completing the Lab instructions, the environment should look similar to:
About the Author
Logan has been involved in software development and research for over eleven years, including six years in the cloud. He is an AWS Certified DevOps Engineer - Professional, MCSE: Cloud Platform and Infrastructure, and Certified Kubernetes Administrator (CKA). He earned his Ph.D. studying design automation and enjoys all things tech.