SSL Complete Guide 2021: HTTP to HTTPS

SSL Complete Guide 2021: HTTP to HTTPS

by Bogdan Stashchuk
Released May 2021
Publisher(s): Packt Publishing
ISBN: 9781839211508

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

This course is all about securing websites with SSL/TLS certificates. We start by exploring the basics of symmetric encryption algorithms such as AES, asymmetric encryption (RSA), and hashing protocols (MD5 and SHA). We will also explain the fundamentals of computer networks and TCP/IP stacks; for that, we will use the Wireshark traffic analyzer.

You will learn about the structure of SSL/TLS certificates. You will also understand why CAs (Certificate Authorities) are needed and how the chain of trust is built.

We will perform multiple practice activities such as buying a domain and configuring DNS settings, using the Certbot ACME client to automatically obtain a free SSL certificate from Let's Encrypt; then with the help of OpenSSL, we'll generate RSA keys and self-signed certificates, we'll secure WordPress with Apache using SSL/TLS certificates, and create a CSR (Certificate Signing Request) via OpenSSL and submit it to the CA server. We will configure Cloudflare for your domain and set up different SSL operation modes, install and configure NGINX web servers for SSL/TLS certificates, migrate from HTTP to HTTPS, and redirect all traffic using HTTP 301 redirect from HTTP to HTTPS.

By the end of this course, you will become a guru of SSL and TLS encryption and will be able to easily obtain and install SSL certificates on your web servers.

What You Will Learn

  • Learn how to install SSL/TLS certificate on web servers
  • Differentiate between HTTP and HTTPS
  • Secure WordPress with Apache using SSL/TLS certificates
  • Understand what a CA is and how the chain of trust is built
  • Install and configure an NGINX web server for SSL/TLS encryption
  • Redirect all traffic using HTTP 301 redirect from HTTP to HTTPS

Audience

This course is for anyone who wants to learn SSL via real-life projects. This course will also be beneficial for website owners, DevOps engineers, web developers, network engineers, and JavaScript developers.

About The Author

Bogdan Stashchuk: Bogdan Stashchuk is an experienced instructor (over 20+ years) with a software engineering background. He teaches complex stuff in an easy step-by-step manner. All his courses include practical exercises, which allow the learners to follow him from the start of any course till the end. Learners will perform all tasks the same way he does in his video lectures. There are a lot of challenging assignments, the solutions for which are discussed inside the course. This is the perfect combination that enables you to really learn and retain gained knowledge for a long period of time.

Table of contents

  1. Chapter 1 : Introduction
    1. Course Introduction
  2. Chapter 2 : Introduction to HTTPS and TLS
    1. Section Introduction
    2. Overview of Researches Dedicated to SSL, TLS, and HTTPS
    3. Overview of the Certificates of Some Popular Websites
    4. Difference Between HTTP and HTTPS
    5. Analyzing Traffic Using Wireshark
    6. TCP/IP Stack by Example
    7. Analyzing HTTP Protocol Using Wireshark
    8. Analyzing HTTPS and TLS Using Wireshark
  3. Chapter 3 : Encryption and Hashing Overview
    1. Section Introduction
    2. Symmetric Key Encryption
    3. Symmetric Key Encryption Algorithms
    4. Hashing Overview
    5. MD5 Hashing Algorithm
    6. SHA Hashing Algorithm and HMAC Overview
    7. Asymmetric Keys Overview
    8. Encryption Using Asymmetric Keys
    9. Signing Data Using Asymmetric Keys
    10. RSA Overview
    11. PKI - Public Key Infrastructure Overview
    12. Certificate overview
  4. Chapter 4 : RSA, Certificates, and Chain of Trust
    1. Section Introduction
    2. Installing OpenSSL
    3. Using OpenSSL for RSA Keys Generation
    4. Exploring Certificate of Instagram
    5. Exploring Certificate of Google
    6. Exploring Certificate of Comodo
    7. Root CA and Root Certificates in the OS
    8. How Chain of Trust is Built
    9. Verifying Chain of Certificates
    10. Verifying SSL Certificate and Certificates Chain
    11. PKI, Chain of Trust and Certificates Summary
    12. Certificate Domain Scopes
  5. Chapter 5 : SSL, TLS, and HTTPS
    1. Section Introduction
    2. Introduction to SSL and TLS
    3. History and Versions of SSL and TLS
    4. Why RSA is not Used for Data Encryption in HTTPS
    5. How TLS Session is Established
    6. Analyzing TLS Session Setup Using Wireshark
    7. Overview of Cipher Suites
    8. Encryption Key Generation by the Web Browser
    9. Delivering Encryption Key Using Diffie Hellman Key Exchange
    10. Diffie Hellman Overview
    11. Modulus Operation
    12. Diffie Hellman Algorithm
    13. Elliptic Curve Cryptography Overview
    14. Point Addition on Elliptic Curve
    15. Multiple Point Addition
    16. Point Doubling and Optimization
    17. Elliptic Curve Discrete Log Problem
    18. Comparing Formulas
    19. ECDHE - Elliptic Curve Diffie Hellman Exchange
    20. Exploring ECDHE with ECDSA
  6. Chapter 6 : Launching TLS Secured Website with Free Domain and Hosting
    1. Section Introduction
    2. Free Domains Overview
    3. Setting Up Free Domain and Hosting Using GitHub Pages
    4. Exploring TLS Session with Our Website at Github.io - Part 1
    5. Exploring TLS Session with Our Website at Github.io - Part 2
  7. Chapter 7 : Custom Domain with Free Hosting
    1. Section Introduction
    2. Planning the Next Steps with Paid Domain
    3. Buying a Domain
    4. Setting Up Free Hosting
    5. Overview of the TLS Settings at the Free Hosting
    6. Optional - Trying to Install Free Let's Encrypt TLS Certificate on Free Hosting
  8. Chapter 8 : Free TLS Certificate (Let's Encrypt) on Paid Hosting
    1. Section Introduction
    2. VPS Versus Dedicated Server
    3. Hosting Services Overview - Part 1
    4. Hosting Services Overview - Part 2
    5. Buying a Droplet at DigitalOcean
    6. Launching WordPress Website with HTTPS
    7. Exploring our Brand-New TLS Certificate
    8. Finishing WordPress Installation
    9. Let's Encrypt and Certbot Overview
    10. Exploring TLS Certificates Via Shell
    11. Exploring Certbot Configuration and Testing Renewal
    12. What we have Gotten so Far
  9. Chapter 9 : Cloudflare with Free TLS Certificate
    1. Section Introduction
    2. Reverse Proxy and Cloudflare
    3. Overview of the Current Setup
    4. Moving Our Website to Cloudflare
    5. Exploring Free TLS Certificate from Cloudflare
    6. Exploring TLS Settings at Cloudflare
    7. Cloudflare SSL Operation Modes
    8. Flexible SSL Operation Mode at Cloudflare
    9. Off SSL Operation Mode at Cloudflare
  10. Chapter 10 : Configuring NGINX Web Server and Installing TLS Certificate
    1. Section Introduction
    2. Current Setup and Planning the Next Steps
    3. Installing NGINX Web Server
    4. Configuring NGINX Web Server
    5. Setting Up Cloudflare Origin TLS Certificate
    6. Cloudflare Summary
    7. Disable Cloudflare
  11. Chapter 11 : Creating a Self-Signed Certificate Using OpenSSL
    1. Section Introduction
    2. Current NGINX Server Setup Overview
    3. CSR - Certificate Signing Request
    4. Generate a Self-Signed Certificate Using OpenSSL
    5. Self-Signed Certificate Overview
    6. Cloudflare and Self-Signed Certificate
  12. Chapter 12 : Getting and Installing a Custom Certificate
    1. Section Introduction
    2. Paid Certificates Overview
    3. Getting 90-Days Valid Free TLS Certificate
    4. Installing Custom TLS Certificate
    5. Analyzing Our New Custom TLS Certificate
    6. Our TLS Setup is not Complete
    7. Installing TLS Certificate of Intermediate CA
    8. HTTP and HTTPS Versions of Website
    9. Configuring 301 Redirects to HTTPS
    10. Custom TLS Certificate Summary
  13. Chapter 13 : Cleanup
    1. Cleanup

Product information

  • Title: SSL Complete Guide 2021: HTTP to HTTPS
  • Author(s): Bogdan Stashchuk
  • Release date: May 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781839211508