SSL/TLS and Public Key Infrastructure

Name: SSL/TLS and Public Key Infrastructure
Rating: 4.2 (180 reviews)

Learn everything about SSL, PKI and its use in modern application development

Created byManju Choudhary

Last updated 1/2024

English

What you'll learn

Explore the SSL (Secure Sockets Layer) protocol and its underlying architecture, delving into the intricacies of how it secures communications over the internet
Gain insights into Public Key Infrastructure, understanding the roles and responsibilities of the various players involved.
Explore the technical and non-technical aspects of x.509 digital certificates, covering their role in authentication, encryption, and other functionalities.
Delve into the basics and fundamentals of cryptography, understanding the principles that underpin secure communication and data protection.
Learn how to utilize Keystore Explorer for efficient certificate management tasks, ensuring proficiency in handling certificates for various applications.
Acquire the skills to effectively use the Java Keytool utility, a powerful tool for managing cryptographic keys, certificates, and keystores in Java.
Explore the functionalities of the OpenSSL utility, one of the most widely used tools for SSL/TLS protocol implementation.

Course content

10 sections • 59 lectures • 3h 43m total length

Welcome and Congratulations1:24
Begin your journey to master SSL/TLS and PKI as we simplify digital certificates, network security, and related concepts for developers, network engineers, and information security managers.
Setting the Agenda1:49
What is SSL after all ?2:01
SSL
Why do we care about SSL ?4:22
Learn why secure communication matters by explaining how SSL/TLS encrypts data, verifies the sender, and keeps data unchanged against man-in-the-middle attacks.
Need of SSL

List of Tools/Utilities Needed1:56
Identify five freely available tools for certificate management and packet analysis—Java keytool, OpenSSL, Apache httpd, Apache Tomcat, and Wireshark protocol analyzer—and download them for upcoming lessons.
Downloading latest JDK1:43
Installing Apache Tomcat Server2:07
Locating the Keytool7:45
Locate the Java keytool in the JDK, learn to generate key pairs and manage certificates by importing, exporting, and printing certificates in keystore and truststore, using OpenSSL as needed.
Downloading openSSL Utility6:20
Explore how to download, install, and verify the OpenSSL utility on Windows and Linux, and use its commands to inspect certificates, ciphers, and TLS connections.
Installing the Keystore Explorer3:42
Installing Wireshark Protocol Analyzer4:07
Install Wireshark, the network protocol analyzer, via Windows Installer to capture and inspect SSL/TLS traffic. Filter for SSL packets, view the client hello handshake, and explore TLSv1.2 communications.

CIA Principle3:11
Explore the CIA triad (AIC triad)—confidentiality, integrity, and availability—and how access controls, data in transit protection, and reliable hardware sustain secure information ecosystems.
CIA Principle
Encoding3:08
Encoding
Encryption1:39
Encryption Types3:06
Lecture 16.1 Symmatric Key Encryption Command1:33
Encryption
Symmetric vs Asymmetric Encryption2:06
Lecture 17-1 Asymmetric Encryption Command2:26
Symmetric vs Asymmetric Keys
Cipher and Algorithm3:34
Cipher and Algorithm
Certificate3:29
Certificate
Digital Signature5:09
Digital Signature
Cipher Suite8:28
Cipher Suite
Hashing3:50
Explore hashing as a key information security technique that ensures data integrity by producing a unique hash for messages or files using md5, sha1, sha256, or sha512 with OpenSSL.
Hashing
Salt3:29
Salt
Keystore and TrustStore4:12
Keystore and TrustStore

SSL Handshake3:41
Explore how the SSL handshake negotiates protocol versions and cipher suites via client hello and server hello, exchanges certificates, and supports optional client authentication before a secure key exchange.
SSL Handshake
Client Hello6:10
Understand how the client hello initiates the TLS handshake on first connection or renegotiation, conveying protocol version, random data, cipher suites, compression methods, and extensions.
Client Hello
Server Hello2:31
Learn how the server responds to a client hello with a server hello, negotiating a cipher suite and extensions to advance the handshake.
Server Hello
Certificate3:30
Certificate
Server Key Exchange3:55
Explore the server key exchange step in TLS, how the master secret secures subsequent packets, and why the finished message hashes all handshake messages for authentication.
Server key Exchange
Finished1:58
Finished
Where does SSL and TLS fit in OSI model2:17
Hello Retry Request2:22

What is PKI ?2:57
Role of Certificate Authority4:49
Role of Certificate Authority
Role of Registration Authority3:26
the registration authority offloads certificate requests from the certificate authority by validating the requester’s identity and address, handling key generation if needed, and managing certificate lifecycle tasks.
Role of Registration Authority
Role of Certificate Repository2:26
Role of Certificate Repository
Relying Party2:19
Relying Party
Digital Certificate File Format4:10
Digital Certificate File Format
Certificate Lifecycle2:26
Certificate LifeCycle
Certificate Chain and Trust3:14
Explore the chain of trust in PKI, detailing entity, intermediate, and root certificates, how path-building and certificate path validation verify trust, and why root CAs stay offline.
Certificate Chain and Trust

One Way SSL2:57
Explore one-way ssl authentication, where the server presents its certificate and the client validates it against a trusted root store to verify identity, unlike mutual authentication.
MASSL - Mutual Authentication SSL2:18
LAB Session I : Setting up One way SSL Authentication using Tomcat16:52
LAB Session II : Settign up Mutual Authentication using Tomcat1:41
Creating Certificate using Keystore Explorer6:04
SSL Implementation pattern

Setup Root CA3:18
OpenSSL Configuration File3:23
Setup Intermediate CA6:46
Sign the Certificate Using Intermediate CA4:20
Create a client certificate signed by the intermediate certification authority by generating a private key, producing a CSR, and signing it with the intermediate certification authority using the server_cert extension.
Certificate Singing Using Keytool Explorer12:21
Certificate Provisioning and Singing

Requirements

Access to a computer with an internet connection is essential.
A commitment to allocate time for grasping complex topics is crucial; cultivating patience is imperative.
No additional prerequisites are necessary.

Description

Embark on a transformative journey with our comprehensive course on Public Key Infrastructure (PKI) and SSL/TLS. Tailored for individuals at any level of expertise, this program is designed to sculpt every participant into a Subject Matter Expert (SME) in the dynamic realm of PKI and SSL/TLS. We presume no prior knowledge, ensuring a seamless learning experience that starts from the fundamentals and progresses to advanced concepts.

Explore an expansive array of topics within the course, spanning from the essentials of cryptography to the intricate internals of SSL/TLS protocols. Engage in practical, hands-on sessions that demystify the complexities of certificate management, providing a tangible skill set for real-world application. Whether you're a seasoned developer or a system administrator, our course serves as the premier destination for mastering the intricacies of PKI, SSL, and certificates.

Join us at the forefront of cybersecurity education, where knowledge meets practicality, and emerge not just educated, but empowered in the domains of PKI and SSL/TLS.

Happy to have you here, Join us at the forefront of cybersecurity education, where knowledge meets practicality, and emerge not just educated, but empowered in the domains of PKI and SSL/TLS, uncover the depths of digital security; you're in the right spot!

Who this course is for:

Application developers curious about the SSL/TLS and security in general
Information security Analyst who want to understand protocol architecture

SSL/TLS and Public Key Infrastructure

What you'll learn

Explore related topics

Course content

Introduction4 lectures • 10min

History of SSL Protocol1 lecture • 3min

Setting the required Tools and Libraries7 lectures • 28min

Security Terminologies14 lectures • 49min

Secure Socket layer Protocol8 lectures • 26min

Public Key Infrastructure8 lectures • 26min

Common SSL Implementation Pattern5 lectures • 30min

Best Practices3 lectures • 10min

SSL Protocol Architecture4 lectures • 11min

Certificate Provisioning and Singing5 lectures • 30min

Requirements

Description

Who this course is for: