book cover

Bulletproof TLS Guide  

Comprehensive and yet concise guide to practical SSL/TLS and PKI configuration. Includes coverage of TLS server configuration and web application security. Written by Ivan Ristić.

1.1 Private Keys and Certificates

Private keys are the cornerstone of TLS security, but also the easiest thing to get right. After all, CAs won’t be willing to issue certificates against weak keys. But despite our focus on key sizes, the weakest link is usually key management, or the job of keeping the private keys private. We’ll touch upon that in this section. Equally important are certificates, which build upon the keys with important metadata, such as the permission to associate a certificate with a particular domain name.

< Prev
^ Table of Contents
Next >