ApacheCon Europe 2012

Rhein-Neckar-Arena, Sinsheim, Germany

5–8 November 2012

Securing Communications with the Apache HTTP Server

Lars Eilebrecht

Audience level: Beginner

Track: Web Infrastructure

Description

This talk is intended for beginners and will introduce you to the fundamentals of securing your Apache HTTP Server with HTTPS. The talk covers the basics of TLS/SSL security and certificates, and the OpenSSL toolkit. The basic configuration of the Apache HTTP Server will be explained, and we will walk through some standard use cases and common pitfalls and issues when using HTTPS.

Abstract

This talk is intended for beginners and will introduce you to the fundamentals of securing the client-server communication of your Apache HTTP Server with HTTPS.

Instead of simply explaining mod_ssl configuration directives, the aim of this talk is to also explain the basics of SSL certificates and security in relation to the mod_ssl directives.

We will start by introducing the TLS/SSL protocol and how it is used together with HTTP to provide data encryption, integrity, and authentication. The basics of X.509 server and client certificates and of certification authorities will be explained, as well as the essential commands of the OpenSSL toolkit. The talk will cover the basic configuration of the Apache HTTP Server, including client certificate authentication, and discuss some of the standard use cases as well as common pitfalls and issues when using HTTPS.