neonprimetime security , just trying to help: SSL/TLS Best Practices from the OpenSSL Cookbook

Wednesday, March 18, 2015

SSL/TLS Best Practices from the OpenSSL Cookbook

Ivan Ristić wrote a great free online book about SSL/TLS security called OpenSSL Cookbook.

Appendix A makes for great bullet points "SSL/TLS Deployment Best Practices"

Use 2048 bit private keys
Restrict Access to the private keys
Obtain Cert from a reliable CA
Use Strong Cert algorithms (Ex: don't use SHA1)
Use Secure Protocols (Ex: don't use SSL v2 or v3)
Use Secure Cipher Suites (Ex: don't use RC4)
Support Forward Secrecy
Disable Client-Initiated Renegotiation
Disable TLS compression
Pay attention to performance
Encrypt 100% of your website (don't mix content)
Secure your cookies
Validate everything works

Copyright © 2015, this post cannot be reproduced or retransmitted in any form without reference to the original post.

1 comment:

UnknownOctober 26, 2015 at 9:24 PM
tempat nyari SSL murah ya di IDwebhost.com Cuman disini kamu bisa menemukan paket terbaik untuk hosting webkamu.
ReplyDelete
Replies

Subscribe to: Post Comments (Atom)