Security and TLS/SSL
This section covers essential security practices for system administrators, focusing on certificate management, TLS/SSL termination, and secure communication.
Guides
TLS/SSL Fundamentals
Public key infrastructure, certificate chains, the TLS handshake, and using OpenSSL for common tasks.
Certificate Management
Obtaining and renewing certificates with Let's Encrypt and Certbot, building internal CAs, and troubleshooting failures.
Introduction
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. It is the successor to Secure Sockets Layer (SSL). In modern web administration, encrypting traffic to and from every service is no longer optional.
Key Concepts
- CA (Certificate Authority): An entity that issues digital certificates.
- CSR (Certificate Signing Request): A message sent from an applicant to a certificate authority in order to apply for a digital certificate.
- Root Certificate: A public key certificate that identifies a root certificate authority.
- Intermediate Certificate: A certificate that acts as a link between the root certificate and the end-entity certificate.
- Private Key: The secret half of a key pair, used to decrypt data and to create digital signatures (a CA uses its private key to sign certificates); it must never be shared.