SSL Certificates and Encryption

facebook

If you are working on security, especially online security, you will need to know about SSL. So what is SSL (Secure Socket Layer)? It encrypts data transmission from (1) server to server or (2) server to you. This is very important as it prevents man in the middle attacks such as site forgery, especially for banks or sensitive information.

You can now verify your connection by the green lock on your browser. If its not showing, then the communication between you and the website is public and open.

You can purchase signed certificates from CA (certificate authorities) most commonly by yearly subscriptions and they range from USD$50 – USD$1500. Depending on your needs, you can secure one domain www.mywebsite.com or multi-domain *.mywebsite.com. The latter is useful if you have multiple services via subdomains.

My personal recommendation is either DigiCert (trusted by Facebook/IBM/BMW) or Symantec.

Common de-facto Standards

Currently certs should have a 2048-bit SSL cert with 256-bit RSA encoded transmission. Google.com uses an SSL Cert “The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.” which is generated via Elliptic Curve Public Key algorithm.

You will be amazed that how much large websites do not have certs or encryption in place.

Top SSL providers by market share

  1. Comodo – 41.0%
  2. Symantec – 30.2%
  3. GoDaddy – 13.3%
  4. GlobalSign – 10.4%
  5. DigiCert – 3.1%
  6. StartCom – 2.2%
  7. Entrust – 0.8%
  8. Verizon – 0.7%
  9. Trustwave – 0.6%
  10. Secom – 0.6%

New open initiative CA – LetsEncrypt
(by Mozilla / Facebook / Cisco / Chrome / Shopify )

A free CA (letsencrypt.org) is now provided by Major players that allow you to generate new certs for your web servers.

To install on MacOSX

$ brew search letsencrypt

$ brew install letsencrypt

References

  • https://letsencrypt.org/getting-started/
  • https://en.wikipedia.org/wiki/Certificate_authority
  • http://security.stackexchange.com/questions/19473/understanding-2048-bit-ssl-and-256-bit-encryption


Top Home mirageglobe




Leave a Reply


Recent Posts
Extracting OVF from VMware ESXI 6.0 · Installing LMDE 2 Betsy · SSL Certificates and Encryption · Machine Learning with Spark · Installing Lubuntu in Virtualbox · Getting started with Docker · Ubuntu upgrade limited boot space · Top 10 Browsers Overview · Taovilla Oracle app beta built using meteorjs · Setting up Debian on VirtualBox · The HomeBrew doctor · Caffeine icon for ubuntu / lubuntu · Updating wordpress without FTP · Updating wordpress without FTP · Preinstalled Languages on mainstream OS · Reminisce of Xcom · Java install on Ubuntu · Display image as ASCII art · VirtualBox Resizing Lubuntu Guest Linux · Introducing Samurai · Macbook Pro Key mapping for Lubuntu · Common Apache Nginx commands · Refreshing Git versioned files · Basic Environments for Jira · Converting a hg mercurial to git repository · Long term domain name costs comparison · SVG Graphing · 2 ways to Php install on mac · Introducing Samurai and Installing Meteorjs to own server · Improving the speed of Linux Mint · SVG graphics with Javascript · FTP Clients for Mac OS X · Windows Apps on Mac · Programming Languages Compared · Hackers Natural Cure · Publishing on Ebooks · Editors such as SublimeText2 · Good Coding Practice · LMDE Linux Mint Debian Edition · Heroku Webapp · Hadoop Single node 32bit on 12.10 Mint XFCE · Tracing User Behaviour FRUBO · Installing Nginx on MacOSX · Installing Ruby on MacOS X · Turn off annoying compress outlook message · HTML5 Apps on Cordova PhoneGap with MacOSX · Choosing and using Latex · Reviewing Javascript World · Draw up an Ubuntu Server Environment · Draw up a Lightweight Mail Server · Draw up a Web Database · Php CMS and Frameworks · Drawing up a Web Service · Draw up a Virtual Cloud Server · Unlocking and Flashing your ZTE Blade · Pip error in Python with Homebrew · HomeBrew for OSX · Windows and Linux Desktop Security · TexMaker with Glossary on Mac · Quick way to OpenStack on Lubuntu · Ancient IT Dictionary · TeaTime for Basic Python · CVs and Jobhunting · Chinese Input on Linux Ubuntu · Research in Computer Science · Reviewing Applications on My Mac · Reviewing Applications on My Windows · Installing Windows XP · Installing wireless on Linux Ubuntu or Mint · Restoring an Amazon EC2 Backup · Mac Update PASV problem · Reviewing Green Computing · Consuming the Cloud Storage Space · Using Cherokee and WordPress Whine · Disabling Lubuntu Screensaver · Installing Lubuntu from USB drive · Searching for a Micro Mini CMS · ReStructuredText in Python · Rackspacecloud Vs Amazon · Hacking your old PSP · Attending Atlanta 55th MMM Conference · Smart devices for everyday use · Creative Programmers · Linux Settings · Embarking on Further Education · Machine Learning · Mac Tips – Viewing hidden files on desktop · Creating PDF files for free · Online Media for All · C# ASP Settings · SVN Git and Mercurial Versioning · Getting the last inserted id using datasets · Think Lucky and be Happy · AngieGallery Design · AceTravel Design · Letter to Mum · Prison Vs Work · Irish Daughter · Are you a carrot, an egg or a coffee bean? · Home Media Entertainment Setup · Collection of Interesting sites · Studying in London · Great Oriental eats in London · CMS Joomla, WordPress, Drupal compared ·

© 2017 · MirageGlobe · using zenifywordpress theme by www.dracoturtur.com ·
  · RSS Feed