Transport Layer Security¶
HTTP headers¶
- HTTP Strict Transport Security (HSTS)
Mechanism enabling web sites to declare themselves accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections
- Online Certificate Status Protocol (OCSP)
Protocol useful in determining the current status of a digital certificate without requiring [Certificate Revocation Lists (CRLs)]
Resources¶
- Is TLS Fast Yet?
Yes, yes it is
- Let’s Encrypt
Free, automated, and open Certificate Authority
- moz://a SSL Configuration Generator
Builds configuration files to help you follow the Mozilla Server Side TLS configuration guidelines
Test¶
- ObservatoryPythonCLI/Library/Web
Project designed to help developers, system administrators, and security professionals configure their sites safely and securely
- Qualys SSL Labs SSL Server TestWeb
Performs a deep analysis of the configuration of any SSL web server on the public Internet
- SSLyzePythonCLI/Library
Fast and powerful SSL/TLS server scanning library
- testssl.shBashCLI
Testing TLS/SSL encryption anywhere on any port