Configure Cloudflare, Free Let's Encrypt SSL/TLS certificate, NGINX, and Apache web servers, create CSR SSL requests
About This Video
In Detail
This course is all about securing websites with SSL/TLS …
Configure Cloudflare, Free Let's Encrypt SSL/TLS certificate, NGINX, and Apache web servers, create CSR SSL requests
About This Video
In Detail
This course is all about securing websites with SSL/TLS certificates. We start by exploring the basics of symmetric encryption algorithms such as AES, asymmetric encryption (RSA), and hashing protocols (MD5 and SHA). We will also explain the fundamentals of computer networks and TCP/IP stacks; for that, we will use the Wireshark traffic analyzer.
You will learn about the structure of SSL/TLS certificates. You will also understand why CAs (Certificate Authorities) are needed and how the chain of trust is built.
We will perform multiple practice activities such as buying a domain and configuring DNS settings, using the Certbot ACME client to automatically obtain a free SSL certificate from Let's Encrypt; then with the help of OpenSSL, we'll generate RSA keys and self-signed certificates, we'll secure WordPress with Apache using SSL/TLS certificates, and create a CSR (Certificate Signing Request) via OpenSSL and submit it to the CA server. We will configure Cloudflare for your domain and set up different SSL operation modes, install and configure NGINX web servers for SSL/TLS certificates, migrate from HTTP to HTTPS, and redirect all traffic using HTTP 301 redirect from HTTP to HTTPS.
By the end of this course, you will become a guru of SSL and TLS encryption and will be able to easily obtain and install SSL certificates on your web servers.
Who this book is for
This course is for anyone who wants to learn SSL via real-life projects. This course will also be beneficial for website owners, DevOps engineers, web developers, network engineers, and JavaScript developers.
Chapter 1 : Introduction
Course Introduction
Chapter 2 : Introduction to HTTPS and TLS
Section Introduction
Overview of Researches Dedicated to SSL, TLS, and HTTPS
Overview of the Certificates of Some Popular Websites
Difference Between HTTP and HTTPS
Analyzing Traffic Using Wireshark
TCP/IP Stack by Example
Analyzing HTTP Protocol Using Wireshark
Analyzing HTTPS and TLS Using Wireshark
Chapter 3 : Encryption and Hashing Overview
Section Introduction
Symmetric Key Encryption
Symmetric Key Encryption Algorithms
Hashing Overview
MD5 Hashing Algorithm
SHA Hashing Algorithm and HMAC Overview
Asymmetric Keys Overview
Encryption Using Asymmetric Keys
Signing Data Using Asymmetric Keys
RSA Overview
PKI - Public Key Infrastructure Overview
Certificate overview
Chapter 4 : RSA, Certificates, and Chain of Trust
Section Introduction
Installing OpenSSL
Using OpenSSL for RSA Keys Generation
Exploring Certificate of Instagram
Exploring Certificate of Google
Exploring Certificate of Comodo
Root CA and Root Certificates in the OS
How Chain of Trust is Built
Verifying Chain of Certificates
Verifying SSL Certificate and Certificates Chain
PKI, Chain of Trust and Certificates Summary
Certificate Domain Scopes
Chapter 5 : SSL, TLS, and HTTPS
Section Introduction
Introduction to SSL and TLS
History and Versions of SSL and TLS
Why RSA is not Used for Data Encryption in HTTPS
How TLS Session is Established
Analyzing TLS Session Setup Using Wireshark
Overview of Cipher Suites
Encryption Key Generation by the Web Browser
Delivering Encryption Key Using Diffie Hellman Key Exchange
Diffie Hellman Overview
Modulus Operation
Diffie Hellman Algorithm
Elliptic Curve Cryptography Overview
Point Addition on Elliptic Curve
Multiple Point Addition
Point Doubling and Optimization
Elliptic Curve Discrete Log Problem
Comparing Formulas
ECDHE - Elliptic Curve Diffie Hellman Exchange
Exploring ECDHE with ECDSA
Chapter 6 : Launching TLS Secured Website with Free Domain and Hosting
Section Introduction
Free Domains Overview
Setting Up Free Domain and Hosting Using GitHub Pages
Exploring TLS Session with Our Website at Github.io - Part 1
Exploring TLS Session with Our Website at Github.io - Part 2
Chapter 7 : Custom Domain with Free Hosting
Section Introduction
Planning the Next Steps with Paid Domain
Buying a Domain
Setting Up Free Hosting
Overview of the TLS Settings at the Free Hosting
Optional - Trying to Install Free Let’s Encrypt TLS Certificate on Free Hosting
Chapter 8 : Free TLS Certificate (Let’s Encrypt) on Paid Hosting
Section Introduction
VPS Versus Dedicated Server
Hosting Services Overview - Part 1
Hosting Services Overview - Part 2
Buying a Droplet at DigitalOcean
Launching WordPress Website with HTTPS
Exploring our Brand-New TLS Certificate
Finishing WordPress Installation
Let’s Encrypt and Certbot Overview
Exploring TLS Certificates Via Shell
Exploring Certbot Configuration and Testing Renewal
What we have Gotten so Far
Chapter 9 : Cloudflare with Free TLS Certificate
Section Introduction
Reverse Proxy and Cloudflare
Overview of the Current Setup
Moving Our Website to Cloudflare
Exploring Free TLS Certificate from Cloudflare
Exploring TLS Settings at Cloudflare
Cloudflare SSL Operation Modes
Flexible SSL Operation Mode at Cloudflare
Off SSL Operation Mode at Cloudflare
Chapter 10 : Configuring NGINX Web Server and Installing TLS Certificate
Section Introduction
Current Setup and Planning the Next Steps
Installing NGINX Web Server
Configuring NGINX Web Server
Setting Up Cloudflare Origin TLS Certificate
Cloudflare Summary
Disable Cloudflare
Chapter 11 : Creating a Self-Signed Certificate Using OpenSSL
Section Introduction
Current NGINX Server Setup Overview
CSR - Certificate Signing Request
Generate a Self-Signed Certificate Using OpenSSL
Self-Signed Certificate Overview
Cloudflare and Self-Signed Certificate
Chapter 12 : Getting and Installing a Custom Certificate
Section Introduction
Paid Certificates Overview
Getting 90-Days Valid Free TLS Certificate
Installing Custom TLS Certificate
Analyzing Our New Custom TLS Certificate
Our TLS Setup is not Complete
Installing TLS Certificate of Intermediate CA
HTTP and HTTPS Versions of Website
Configuring 301 Redirects to HTTPS
Custom TLS Certificate Summary
Chapter 13 : Cleanup
Cleanup