Digital release: August 2015
Paperback release: August 2015
First published in: August 2014
Language: English (548 pages)
Formats: Paperback, PDF, EPUB,
Kindle, Online; no DRM
Understanding and deploying SSL/TLS and
PKI to secure servers and web applications, by Ivan Ristić
For system administrators, developers, and IT security professionals, this book provides a comprehensive
coverage of the ever-changing field of SSL/TLS and Internet PKI. Written
by Ivan Ristić, a security researcher and author of SSL Labs, this book will teach you everything you
need to know to protect your systems from eavesdropping and impersonation attacks.
This book is continuously updated.
To read more about the maintenance process, click here.
“The most comprehensive book about deploying TLS in the real world!”
Nasko Oskov, Chrome Security developer and
former SChannel developer
Eric Lawrence, Fiddler author and former
Internet Explorer Program Manager
“The most to the point and up to date book about SSL/TLS I've read.”
Jakob Schlyter, IT security advisor and DANE co-author
Part I: SSL/TLS and PKI 1. SSL, TLS, and Cryptography
3. Public Key Infrastructure
4. Attacks against PKI
5. HTTP and Browser Issues
6. Implementation Issues
7. Protocol Attacks
Part II: Deployment and Development 8. Deployment
9. Performance Optimization
10. HSTS, CSP and Pinning
Part III: Practical Configuration 11. OpenSSL Cookbook
12. Testing with OpenSSL
13. Configuring Apache
14. Configuring Java and Tomcat
15. Configuring Microsoft Windows and IIS
16. Configuring Nginx
A free 100-page book that covers the most frequently used OpenSSL
features and commands, based on chapters 11 and 12 of Bulletproof SSL and TLS.
If you have any questions, please find us on Twitter. If your question is about the book content,
contact @ivanristic. For everything else,
write to @feistyduck.
Ivan’s SSL Work
Below are links to some of Ivan’s SSL work:
Qualys SSL Test
Detailed SSL configuration test of any public SSL server. Click here to test yours.