Presentation transcript:

Mike Irving
Software Developer, Consultant

Web Development:
- mainly on C# / .NET, SQL Server, Windows Server
- 15+ Years Commercial Experience

Mobile Development:
- iOS - Objective-C, Xamarin, Cordova / HTML5
- Android, Windows, Cross Platform with Xamarin C#
- 7+ Years Commercial Experience

WHAT THE SSL? SSL TLS encryption https:// Port: 443

Why go secure?
- Prevent ‘Insecure’ Warnings in Chrome, Browsers
- It’s a positive Google Search Ranking Factor, likely to become even more prominent
- Apple not allowing any more insecure apps
CONFIDENCE

[Diagram: Certificate request, Web Server, Certificate Authority, Secure Certificate]

PAIN!

Cost + Setup Pain + Renewal Pain = Can’t be arsed.

Let’s Encrypt
- Free, single domain certificates (no wildcards)
- Valid for 90 days
- Automated renewal process

Let’s Encrypt Universally Trusted, Supported by big players.

Let’s Encrypt
Uses ACME Protocol: Automatic Certificate Management Environment
Typical process:
- Create a Vault / Identity – tied to email address
- request certificate for domain name
- assign certificate to web server
- request renewal within 30 days of expiry date

Let’s Encrypt
ACME Client Implementations…
- ‘Certbot’ recommended
- Implementations available for all environments: Docker, Java, PHP, Python, Windows etc.

Let’s Encrypt
Options on Windows:
- ACMESharp (.NET, PowerShell)
- letsencrypt-win-simple (.NET)
- Certify GUI (.NET, WinForms, uses ACMESharp)

Let’s Encrypt
I have a Windows Server, here’s what I did…
- Initially Installed Certify GUI, which installed ACMESharp
- now using Installed letsencrypt-win-simple (stills from)
Live demo…

SSLLabs.com – SSL Report
- Test your site
- Block unsafe protocols.. i.e. SSL 2, SSL 3
- Remove weak Ciphers
- Re-test your site
- Improve your rating!

Good Ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_CK_DES_192_EDE3_CBC_WITH_MD5
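
An added example, not part of the original slides: a Python check that applies the "Remove weak Ciphers" step from the SSL Labs slide to the cipher order listed above. The drop/review rules are this example's assumptions and work from the suite names alone: SSL 2.0 cipher kinds, 3DES and MD5 are dropped, while static-RSA and CBC suites are flagged for review.

```python
# Cipher order exactly as listed on the "Good Ciphers" slide (Windows Schannel names).
SLIDE_ORDER = """
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_CK_DES_192_EDE3_CBC_WITH_MD5
"""

def classify(suite):
    """Return (verdict, reasons); the drop/review split is this example's assumption."""
    drop, review = [], []
    if suite.startswith("SSL_CK_"):
        drop.append("SSL 2.0 cipher kind")
    if "3DES" in suite or "DES_192_EDE3" in suite:
        drop.append("3DES, 64-bit block cipher (Sweet32)")
    if suite.endswith("_MD5"):
        drop.append("MD5 MAC")
    if suite.startswith("TLS_RSA_"):
        review.append("static RSA key exchange, no forward secrecy")
    if "_CBC_" in suite:
        review.append("CBC mode rather than AEAD (GCM)")
    verdict = "drop" if drop else "review" if review else "keep"
    return verdict, drop + review

def audit(order):
    """Split a comma-separated cipher order into keep/review/drop, preserving order."""
    result = {"keep": [], "review": [], "drop": []}
    for suite in (s.strip() for s in order.split(",")):
        if suite:
            verdict, reasons = classify(suite)
            result[verdict].append((suite, reasons))
    return result

def hardened_order(order):
    """Cipher order without the 'drop' suites; suites with no findings go first."""
    report = audit(order)
    return ",".join(s for s, _ in report["keep"] + report["review"])

if __name__ == "__main__":
    for verdict, entries in audit(SLIDE_ORDER).items():
        for suite, reasons in entries:
            print(f"{verdict:6} {suite}: {'; '.join(reasons) or 'no findings'}")
    print(hardened_order(SLIDE_ORDER))
```

Run against the slide's list, this drops the two 3DES suites and the SSL 2.0 `SSL_CK_` entry, and only the three ECDHE AES-GCM suites come back with no findings.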

Recap – Let’s Encrypt
PROS:
- It’s Free.. main cost will be in setting up, automating renewals
- Various options, for all platforms
- Automated Renewals
- Ideal if you have your own Server / VM
- Lots of hosting providers support it, automated - many more have it on their roadmap
CONS:
- Basic SSL only, no Wildcard SSL
- Still some pain in setting up
- Shared Hosting Environment? Likely you may only have one SSL option, a paid one.

Any questions? I’m happy to help you. www.mike-irving.co.uk mike@mike-irving.co.uk