Bulletproof TLS Guide
Version 2023.1 (build 134), published in May 2024.
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without the prior permission in writing of the publisher.
The author and publisher have taken care in preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein.
Feisty Duck Limited
www.feistyduck.com
[email protected]
Production editor: Jelena Girić-Ristić
Copyeditor: Melinda Rankin
Copyright ©
2023
Feisty Duck Limited. All rights reserved.
Table of Contents
- Preface
- Chapter 1. Configuration Guide
- 1.1 Private Keys and Certificates
- 1.1.1 Use Strong Private Keys
- 1.1.2 Secure Your Private Keys
- 1.1.3 Choose the Right Certification Authority
- 1.1.4 Prevent Certificate Warnings
- 1.1.5 Control Key and Certificate Sharing
- 1.1.6 Think Chains, Not Certificates
- 1.1.7 Deploy Certification Authority Authorization
- 1.1.8 Automate Certificate Renewal
- 1.1.9 Use Certificate Transparency Monitoring
- 1.2 Configuration
- 1.3 HTTP and Application Security
- 1.4 Performance
- 1.5 Validate and Monitor
- 1.1 Private Keys and Certificates