We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2016 - Christopher Hopkins (hydroplane) - Using LetsEncrypt and Optimizing TLS
Learn effective ways to leverage TLS and LetsEncrypt to secure your online presence, including best practices for certificate validation, OCSP stapling, and more.
- Always check the root certificate of a website and be cautious when accessing websites with unknown or untrusted roots.
- Use a certificate validation tool, such as SSL Labs, to test the security of a website’s TLS configuration.
- Enable OCSP stapling to improve the performance and security of TLS configurations.
- Use an intermediate certificate, as it provides a good balance between security and compatibility.
- Consider using Lets Encrypt, a free certificate authority that provides a simple and automated way to obtain certificates.
- The Elliptic Curve Diffie-Hellman ephemeral key agreement method is recommended for improved security.
- GCM (Galois Counter Mode) is a good option for authentication encryption.
- Always update your software and browsers to the latest version to ensure compatibility with TLS 1.2.
- Consider using key pinning to improve the security of your website.
- Always use HTTPS and redirect all HTTP requests to HTTPS.
- Certificate Authorities (CAs) are not always trustworthy, so be cautious when accessing websites that do not have a recognizable CA.