Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mike Irving Software Developer, Consultant Web Development: - mainly on C# / .NET, SQL Server, Windows Server Years Commercial Experience. Mobile.

Published byRaymond May Modified over 6 years ago

Similar presentations

Presentation on theme: "Mike Irving Software Developer, Consultant Web Development: - mainly on C# / .NET, SQL Server, Windows Server Years Commercial Experience. Mobile."— Presentation transcript:

1

2 Mike Irving Software Developer, Consultant Web Development: - mainly on C# / .NET, SQL Server, Windows Server Years Commercial Experience. Mobile Development: - iOS - Objective-C, Xamarin, Cordova / HTML5 - Android, Windows, Cross Platform with Xamarin C# Years Commercial Experience

3 WHAT THE SSL? SSL TLS encryption Port: 443

4 Why go secure? - Prevent ‘Insecure’ Warnings in Chrome, Browsers
- It’s a positive Google Search Ranking Factor, likely to become even more prominent - Apple not allowing any more insecure apps CONFIDENCE

5

6 Certificate request Web Server Certificate Authority Secure Certificate

7

8 PAIN!

9 Cost + Setup Pain + Renewal Pain
= Can’t be arsed.

10

11 Let’s Encrypt Free, single domain certificates (no wildcards) Valid for 90 days Automated renewal process

12 Let’s Encrypt Universally Trusted, Supported by big players.

13 Let’s Encrypt Uses ACME Protocol Automatic Certificate Management Environment Typical process: - Create a Vault / Identity – tied to address request certificate for domain name assign certificate to web server request renewal within 30 days of expiry date

14 Let’s Encrypt ACME Client Implementations… ‘Certbot’ recommended Implementations available for all environments: Docker, Java, PHP, Python, Windows etc.

15 Let’s Encrypt Options on Windows ACMESharp (.NET, Powershell) letsencrypt-win-simple (.NET) Certify GUI (.Net, WinForms, uses ACMESharp)

16 Let’s Encrypt I have a Windows Server, Here’s what I did… - Initially Installed Certify GUI, which installed ACMESharp - now using Installed letsencrypt-win-simple (stills from) Live demo…

17

18

19

20

21

22 SSLLabs.com – SSL Report
Test your site Block unsafe protocols.. i.e. SSL 2, SSL 3 Remove weak Ciphers Re-test your site Improve your rating!

23 Good Ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, SSL_CK_DES_192_EDE3_CBC_WITH_MD5

24 Recap – Let’s Encrypt PROS: - It’s Free.. main cost will be in setting up, automating renewals - Various options, for all platforms - Automated Renewals - Ideal if you have your own Server / VM - Lots of hosting providers support it, automated - many more have it on their roadmap CONS: - Basic SSL only, no Wildcard SSL - Still some pain in setting up - Shared Hosting Environment? Likely you may only have one SSL option, a paid one.

25 Any questions. I’m happy to help you. www. mike-irving. co
Any questions? I’m happy to help you.

Download ppt "Mike Irving Software Developer, Consultant Web Development: - mainly on C# / .NET, SQL Server, Windows Server Years Commercial Experience. Mobile."

Similar presentations

Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!

Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
© GlobalSign. A GMO Internet Inc group company. Authentication. Security. Trust. A tutorial on how you can host multiple SSL Certificates on a single IP.

© GlobalSign. A GMO Internet Inc group company. Authentication. Security. Trust. A tutorial on how you can host multiple SSL Certificates on a single IP.
WEB APPS LOGIC APPS MOBILE APPS App Service API APPS Fabrikam Kable 1. Customer books appointment 2. Customer valet assigns a technician.

WEB APPS LOGIC APPS MOBILE APPS App Service API APPS Fabrikam Kable 1. Customer books appointment 2. Customer valet assigns a technician.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Secure Search Engine Ivan Zhou Xinyi Dong. Project Overview  The Secure Search Engine project is a search engine that utilizes special modules to test.

Secure Search Engine Ivan Zhou Xinyi Dong. Project Overview  The Secure Search Engine project is a search engine that utilizes special modules to test.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may. 2010 University of Palestine.

Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Open Web App. Purpose To explain Open Web Apps To explain Open Web Apps To demonstrate some opportunities for a small business with this technology To.

Open Web App. Purpose To explain Open Web Apps To explain Open Web Apps To demonstrate some opportunities for a small business with this technology To.
Strategy War Game Combine PC, Mobile and Online gaming HTML, CSS, JavaScript based Native browsers support Chrome, Safari, Internet Explorer Native clients.

Strategy War Game Combine PC, Mobile and Online gaming HTML, CSS, JavaScript based Native browsers support Chrome, Safari, Internet Explorer Native clients.
Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Module 9: Fundamentals of Securing Network Communication.

Module 9: Fundamentals of Securing Network Communication.
2014 - Lugano Microsoft Azure Overview Ken Casada Technical Evangelist Microsoft Switzerland

Lugano Microsoft Azure Overview Ken Casada Technical Evangelist Microsoft Switzerland
Apache Web Server Quick and Dirty for AfNOG 2015 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Apache Web Server Quick and Dirty for AfNOG 2015 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Apache Web Server Quick and Dirty Evelyn NAMARA for AfNOG 2014 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Apache Web Server Quick and Dirty Evelyn NAMARA for AfNOG 2014 (Originally by Joel Jaeggli for AfNOG 2007) ‏
CRM in Education: Raising Standards. Saving Time. Presented by: Daniel Petersen Director of Business Solutions Applied Tech.

CRM in Education: Raising Standards. Saving Time. Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
How* to Win the #BestMicrosoftHack Shahed Chowdhuri Sr. Technical WakeUpAndCode.com *Hint: Use the Cloud.

How* to Win the #BestMicrosoftHack Shahed Chowdhuri Sr. Technical WakeUpAndCode.com *Hint: Use the Cloud.
SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.

SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.

Similar presentations

Ads by Google