[sdnog] encryption for everyone.
Nishal Goburdhan
nishal at controlfreak.co.za
Tue Jan 26 12:52:29 SAST 2016
On 26 Jan 2016, at 11:13, Nishal Goburdhan wrote:
> some time ago, sara posted about using a self-signed x509 certificate
> for https://www.sdnog.sd.
> that’s a great first step towards making sure your servers are
> serving encrypted data.
> another alternative is to consider using www.letsencrypt.org; a free
> certificate authority (so, you’ll be happy to know that you don’t
> need a credit card!)
>
> a colleague recently did a very simply how-to: if you’re
> interested, lookup https://www.pch.net/sanog27/
>
> the writeup:
> Though you may be a network operator or network engineer, setting up a
> secure Apache web server with the latest security measures is well
> within your reach. The next time you want do deploy a server, even for
> internal use only, you should follow these best practices to maintain
> a web server which is resilient against the latest vulnerabilities
> like POODLE, BEAST and Heartbleed, to name a few. The icing on the
> cake is that Let's Encrypt, a TLS certificates provider, is now in
> public beta so CA verifiable certs are free AND easy.
and the video is here, thanks to SANOG:
https://www.youtube.com/watch?v=tDC_QtqkBYw
—n.
More information about the sdnog
mailing list