SSL-TLS essentials: theory and implementation

SSL/TLS for Developers, Operators, DevOps and the rest of us!

What you’ll learn:
Understand how SSL/TLS works to encrypt and authenticate data
Create self-signed certificates for small environments
Deploy a dedicated Certificate Authority (CA) for medium and large environments
Use free public certificate authoritites like Let’s Encrypt
Learn how to authenticate clients using mutual TLS (mTLS)
Use cloud-based certificate authorities (AWS as an example)

Requirements
Some Linux background, You should be comfortable using the shell.

Description
SSL/TLS is often implemented without being fully understood!

If you’ve worked in an IT environment of any size and for any period, you’ve used SSL/TLS at least once. Think of that self-signed certificate you’ve created for the company’s internal portal or when the information security department required you to switch to HTTPS for all web communications.

90% of the time, you follow the steps to implement SSL/TLS, but you don’t really get the why and the how. Remember when the information security professional required you to use TLS 1.2 and not 1.1? what’s the difference? Are we using SSL or TLS or both? Why does the browser sometimes show a warning message when you switch to HTTPS although you followed every step in the guide? What is mTLS?

Do you have time to read books and articles about all that jargon? Probably not.

This class is here to help you!

SSL/TLS theory and implementation was designed for those of us who need to get up to speed with SSL/TLS as soon as possible. But they don’t have time to go through all the books, articles, guides, and manuals.

The class was created with junior developers, operators, and QA engineers in mind. It is a beginner’s course. So, if you are a seasoned security professional with many years of IT security experience and you’re looking to take your knowledge to the next level, this course is not for you.

SSL/TLS is the kind of knowledge that will make you stand out of the crowd!

IT professionals with more than one skill set are more likely to get hired/promoted. That’s a fact. Your time is precious, and you need to widen your skillset as fast as possible. That’s another fact.

How to maximize your benefit from this class?

Some people like to read the theory first, grasp the concept, and build a mental model. Further on, they start implementing what they’ve learned.

Some other people prefer to get their hands dirty as soon as they can. If they are stuck with something, they refer to the theory and explanation.

If you’re of the first kind, you can go through the course from start to finish. Sections one and two draw the big picture and lay the ground for what’s next. The rest of the class includes many hands-on exercises for the most common use cases of SSL/TLS.

Those of you who are less patient can start directly at section three, which is the first section in the “implementation” part of the class.

What is covered?

· What is SSL/TLS and the Public Key Infrastructure (PKI)?

· What is an X.509 certificate and how does it fit in the equation?

· How and when to use wildcard certificates?

· What is a CA, an intermediary CA, and a leaf/node certificate?

· How to create a self-signed certificate in just one command?

· How to deploy certificates on Nginx, Apache web server, and Apache Tomcat application server?

· How to create your very own certificate authority (CA)?

· How to create an intermediary CA for enhanced security?

· How to use free services like Let’s Encrypt to install certificates to your websites?

· What and how to use mutual TLS (mTLS) for client authentication?

· How to use SSL/TLS with Kubernetes Ingress Nginx controller?

· How to use free certificates from Amazon using AWS certificate manager?

In addition to several quizzes to test your knowledge.

A note about Extra Lectures

This class includes more than one lecture which is labeled “extra lectures”. The purpose of them is to provide even more value for the student. However, they may require some additional background that not everyone has. So, they are not strictly required to understand the core concept of the class, but they provide some extra value. For example, using SSL/TLS certificates with Kubernetes Ingress controller requires an understanding of Kubernetes clusters and how they work.

Again, SSL/TLS is more implemented than understood.

Enrich your knowledge, become an expert in multiple domains, and jumpstart your professional IT career.

Who this course is for
IT professionals who need to understand how SSL/TLS really works
Developers who don’t know why they are required to use HTTPS in their APIs and services
Operators who need a hands-on guide on how to properly deploy public key infrastructure (PKI) in their environments
Backend and frontend web developers who need to know how to effectively secure communication to their web services