[sdnog] encryption for everyone.
Nishal Goburdhan
nishal at controlfreak.co.za
Tue Jan 26 11:13:47 SAST 2016
some time ago, sara posted about using a self-signed x509 certificate
for https://www.sdnog.sd.
that’s a great first step towards making sure your servers are serving
encrypted data.
another alternative is to consider using www.letsencrypt.org; a free
certificate authority (so, you’ll be happy to know that you don’t
need a credit card!)
a colleague recently did a very simply how-to: if you’re interested,
lookup https://www.pch.net/sanog27/
the writeup:
Though you may be a network operator or network engineer, setting up a
secure Apache web server with the latest security measures is well
within your reach. The next time you want do deploy a server, even for
internal use only, you should follow these best practices to maintain a
web server which is resilient against the latest vulnerabilities like
POODLE, BEAST and Heartbleed, to name a few. The icing on the cake is
that Let's Encrypt, a TLS certificates provider, is now in public beta
so CA verifiable certs are free AND easy.
—n.
More information about the sdnog
mailing list