From £19 (about $32 or €23)
Release date: July 2014 (estimate)
Last update: 8 April 2014
Language: English (est. 425 pages)
ISBN: 978-1907117046
Formats: Paperback, PDF, EPUB, Mobi, Online (no DRM)
Bulletproof SSL and TLS
The complete guide to deploying secure servers and web applications, by Ivan Ristić
  • Comprehensive coverage of the ever-changing field of SSL/TLS and Web PKI
  • For IT security professionals, to help you understand the risks
  • For system administrators, to help you deploy systems securely
  • For developers, to help you design and implement secure web applications
  • Practical and concise, with depth where details are relevant
  • Written by the author of SSL Labs and the SSL/TLS configuration assessment tool
  • Available as paperback and various digital formats (PDF, EPUB, Mobi/Kindle); no DRM
  • This book will save you countless hours with its mix of theory, risk analysis, configuration advice, and practical information you can use straight away
Table of Contents
The green parts are available now: about 350 pages, or 80% of the book. You will get the remaining chapters as they are written, and the final version at the end.

Part I: SSL/TLS and PKI
1. Cryptography
2. SSL and TLS
3. Public Key Infrastructure
4. Attacks against PKI
5. HTTP and Browser Issues
6. Implementation Attacks
7. Protocol Attacks
Part II: Deployment and Development
8. Deployment
9. Performance
10. Advanced Topics
Part III: Practical Configuration
11. OpenSSL Cookbook
12. Testing with OpenSSL
13. Configuring Apache
14. Configuring Java and Tomcat
15. Configuring Microsoft Windows and IIS
16. Configuring Nginx
A. SSL/TLS Deployment Best Practices

About the Author

Ivan Ristić is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site.

He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. He's currently Director of Application Security Research at Qualys.


Early Access TOC and Preface
Description of what is available in the Early Access version.

OpenSSL Cookbook
A free 60-page book that covers the most frequently used OpenSSL features and commands. Includes Chapter 11 and the appendix from the full book.

SSL/TLS Deployment Best Practices

Concise 11-page guide/check-list.

Qualys SSL Test

Detailed SSL configuration test of any public SSL server.