Transport Layer Security

Headers

HTTP Strict Transport Security (HSTS)

Mechanism enabling web sites to declare themselves accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections

Online Certificate Status Protocol (OCSP)

Protocol useful in determining the current status of a digital certificate without requiring [Certificate Revocation Lists (CRLs)]

Resources

Is TLS Fast Yet?
Yes, yes it is
Let’s Encrypt
Free, automated, and open Certificate Authority
Security/Server Side TLS
Contains information on TLS protocols, known issues and vulnerabilities, configuration examples and testing tools
Weak Diffie-Hellman and the Logjam Attack
Uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed

Test

Observatory : Python : CLI/Library/Web
Project designed to help developers, system administrators, and security professionals configure their sites safely and securely
Qualys SSL Labs SSL Server Test : Web
Performs a deep analysis of the configuration of any SSL web server on the public Internet
SSLyze : Python : CLI/Library
Fast and powerful SSL/TLS server scanning library
testssl.sh : Bash : CLI
Testing TLS/SSL encryption anywhere on any port