tls

WordPress HTTPS, SSL & TLS – A Guide For Website Administrators

When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen....

Tìm hiểu về giao thức HTTP và HTTPS và các lỗ hổng bảo mật của nó.

Tổng quan về giao thức của máy tính. Giao thức là gì ? -Giao thức (protocol) là một tập hợp tiêu chuẩn để trao đổi thông tin giữa hai hệ thống máy tính...

Autonomous Operator 1.2.0 Public Connectivity

In my previous article I discussed—from a high level—the new Public Connectivity feature in Autonomous Operator 1.2.0. This was intentionally an abstract overview in order to coax the user to learn about the joys of DDNS, TLS and layer 3 Networking.Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetimeHopefully you have all invested the time to learn how to fish! (or at least ready to get your feet wet.) This article gives a practical tutorial on configuration of the Operator in order to be...

Adding security layers to your App on OpenShift - Part 1: Deployment and TLS Ingress

Adding security layers to your App on OpenShift — Part 1: Deployment and TLS IngressToday, securing your apps is a « must have » but it’s difficult to introduce it without modifying code...

Introducing CIRCL: An Advanced Cryptographic Library

As part of Crypto Week 2019, today we are proud to release the source code of a cryptographic library we’ve been working on: a collection of cryptographic primitives written in Go, called CIRCL....

Towards Post-Quantum Cryptography in TLS

We live in a completely connected society. A society connected by a variety of devices: laptops, mobile phones, wearables, self-driving or self-flying things. We have standards for a common language...

Securing Certificate Issuance using Multipath Domain Control Validation

This blog post is part of Crypto Week 2019.Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital...

HTTPS and TLS/SSL

SSL là chữ viết tắt của Secure Sockets Layer (Lớp socket bảo mật). Một loại bảo mật giúp mã hóa liên lạc giữa website và trình duyệt. Công nghệ này đang lỗi...

Automatically Detect Expiring HTTPS SSL Certificates

All too often we hear about a site going down or suffering problems because they’ve let their public x509 certificate expire. SSL certificates, which are required for HTTPS to work for secure...

End of support for Internet Explorer 11 and TLS versions 1.0 and 1.1

Dynatrace news Beginning September 30, 2019, the Dynatrace web UI will no longer support Internet Explorer 11. We value your security and user experience, so please switch to a Dynatrace-supported...

How Mutual TLS authentication work?

Before we deep dive into the nitty gritty of mutual tls, let’s try to solve a puzzle.Alice wants to share a secret message with Bob. She put the message in an envelope and hand over it courier....

Cloudflare Support for Azure Customers

Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various...

Server Name Indication (SNI) and Ingress TLS in Kubernetes with Ambassador

The open source Ambassador 0.50 API gateway adds support for Server Name Indication (SNI), a much-requested feature from the community that allows the configuration of multiple TLS certificates to...

HTTP/3: From root to tip

HTTP is the application protocol that powers the Web. It began life as the so-called HTTP/0.9 protocol in 1991, and by 1999 had evolved to HTTP/1.1, which was standardised within the IETF (Internet...

Tracing Soon-to-Expire Federal .gov Certificates with CT Monitors

As of December 22, 2018, parts of the US Government have “shut down” because of a lapse in appropriation. The shutdown has caused the furlough of employees across the government and has affected...

How to Build a Netboot Server, Part 4

One significant limitation of the netboot server built in this series is the operating system image being served is read-only. Some use cases may require the end user to modify the image. For...

Encrypting DNS end-to-end

Over the past few months, we have been running a pilot with Facebook to test the feasibility of securing the connection between 1.1.1.1 and Facebook’s authoritative name servers. Traditionally, the...

Strengthen TLS in React Native Through Certificate Pinning — iOS Edition

Strengthen TLS in React Native Through Certificate Pinning — iOS EditionEnhance React Native’s networking API protection on Android and iOS without touching your Javascript code or manually...

Know your SCM_RIGHTS

As TLS 1.3 was ratified earlier this year, I was recollecting how we got started with it here at Cloudflare. We made the decision to be early adopters of TLS 1.3 a little over two years ago. It was a very important decision, and we took it very seriously. It is no secret that Cloudflare uses nginx to handle user traffic. A little less known fact, is that we have several instances of nginx running. I won’t go into detail, but there is one instance whose job is to accept connections on port 443, and proxy them to another instance of nginx that...

How to prepare for the mandatory use of TLS 1.2

In support of our promise to provide best-in-class encryption to our customers, we will be moving to Transport Layer Security (TLS) 1.2 and discontinuing support for TLS versions 1.0 and 1.1. Starting March 29, 2019, we’ll be turning off support for all API requests to Sift Science from servers using those older versions of TLS. Why we’re updating to TLS 1.2 We’re doing this to comply with industry best practices and to provide you with a more secure experience. The TLS protocol is used to encrypt your servers’ communications with...

Encrypt it or lose it: how encrypted SNI works

Today we announced support for encrypted SNI, an extension to the TLS 1.3 protocol that improves privacy of Internet users by preventing on-path observers, including ISPs, coffee shop owners and...

Roughtime: Securing Time with Digital Signatures

When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid. The idea is...

Service announcement: Removal of support for TLS 1.0

On the 22nd of September 2018, we will begin disabling support for TLS 1.0 in connections to Pusher Channels. Please make sure your clients support at least TLS 1.1. At Pusher, we value security and safety above all else. TLS 1.0 is not as secure as we and many of our customers would like. As time goes on, the standards encourage us to stop supporting less secure versions of TLS. We’ve done this in the past, disabling SSLv3 after the POODLE attack was discovered. Other companies providing cloud services are doing this too. For example,...

Enable Private DNS with 1.1.1.1 on Android 9 Pie

Recently, Google officially launched Android 9 Pie, which includes a slew of new features around digital well-being, security, and privacy. If you’ve poked around the network settings on your...

A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)

For the last five years, the Internet Engineering Task Force (IETF), the standards body that defines internet protocols, has been working on standardizing the latest version of one of its most...

A collection of 103 posts

Search tls