tls   7545


mholt/certmagic: Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
golang  tls  certificates 
yesterday by geetarista
Automagical HTTPS with Docker and Go
It all starts with the acme/autocert package.
docker  golang  https  tls 
2 days ago by lidel
A solution for resisting SSL interception without breaking compatibility or requiring cooperation with third parties is needed. The SSL/TLS protocol allows not only servers to authenticate themselves using certificates, but clients as well. Client certificates are widely popular in some government agencies and countries, such as Estonia [27], but are not used by websites catering to the general (US) public. Interestingly, client certificates allow us to sidestep the interception problem.
tls  security 
2 days ago by jhealy
Zscaler Intermediate Certificate - Stack Overflow
Zscaler apparently allows SSL inspection to be controlled per-domain
tls  security 
3 days ago by jhealy
HTTPS in the real world | Robert Heaton
a good read about how HTTPS/TLS works from an operational point of view
encryption  https  tls  primer 
6 days ago by lidel
SSL/TLS inspection (MITM proxy) : networking
Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.

We deem this acceptable because the proxy or MITM can only be effective if the client machine has already been configured to trust the proxy’s issuing certificate — that is, the client is already under the control of the person who controls the proxy (e.g. the enterprise’s IT administrator). If the client does not trust the private trust anchor, the proxy’s attempt to mediate the connection will fail as it should.
chrome  cybersecurity  tls  mitm  ssl  network  monitoring 
7 days ago by bwiese
