SSL/TLS Deployment Best Practices

The SSL/TLS Deployment Best Practices document provides clear and concise instructions to help overworked administrators and programmers spend the minimum time possible to deploy a secure site or web application. The focus is on advice that is practical and easy to understand. MORE »

SSL Server Rating Guide

SSL Server Rating Guide aims to establish a straightforward assessment methodology, allowing administrators to assess SSL server configuration confidently without the need to become SSL experts. MORE »

Bulletproof SSL and TLS

Bulletproof SSL and TLS provides a comprehensive coverage of SSL/TLS and PKI for the deployment of secure servers and web applications. It starts with an introduction to cryptography, SSL/TLS, and PKI, follows with a discussion of the current problems, and finishes with practical advice for configuration and performance tuning. Advanced technologies such as pinning, HTTP Strict Transport Security, Content Security Policy, and DANE are covered in a separate chapter. OpenSSL is well covered with two chapters, and there's also a chapter for each of Apache, Java and Tomcat, Microsoft and IIS, and Nginx. MORE »

OpenSSL Cookbook

OpenSSL Cookbook is a free ebook that provides complete coverage of OpenSSL installation, configuration, and key and certificate management. Includes SSL/TLS Deployment Best Practices in the appendix, providing concise guide to design and deployment of secure web sites. MORE »