Transport Layer Security#

HTTP headers#

HTTP Strict Transport Security (HSTS)

Mechanism enabling web sites to declare themselves accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections

Online Certificate Status Protocol (OCSP)

Protocol useful in determining the current status of a digital certificate without requiring [Certificate Revocation Lists (CRLs)]


Is TLS Fast Yet?

Yes, yes it is

Let’s Encrypt

Free, automated, and open Certificate Authority

Security/Server Side TLS

Contains information on TLS protocols, known issues and vulnerabilities, configuration examples and testing tools

Weak Diffie-Hellman and the Logjam Attack

Uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed



Project designed to help developers, system administrators, and security professionals configure their sites safely and securely

Qualys SSL Labs SSL Server TestWeb

Performs a deep analysis of the configuration of any SSL web server on the public Internet


Fast and powerful SSL/TLS server scanning library


Testing TLS/SSL encryption anywhere on any port