TLS & HTTPS Visualized, and HTTPS localhost setup in 2025 Год выпуска: 2024 Производитель: Udemy Сайт производителя: https://www.udemy.com/course/tls-https Автор: Clyde Matthew Продолжительность: ~4h22m Тип раздаваемого материала: Видеоурок Язык: Английский Описание: Deep dive into TLS (previously called SSL) and HTTPS: Gain insights that set you apart from 99% of developers. Understand the true meaning of HTTPS beyond the surface-level claims of "security" The end of HTTP/1.1: Any serious developer today must concentrate on TLS security and hosting websites over the more robust protocols like HTTP/2 and HTTP/3. Stay relevant in a rapidly evolving digital landscape Key Concepts Unlocked: Explore advanced topics such as hybrid key exchange, encryption, public key infrastructure (PIK), asymmetric and symmetric cryptography, TLS handshake, HMAC, signatures, hashing, and cipher suites. Each concept builds a solid foundation for your web security knowledge. This course is meticulously crafted for developers who are eager to elevate their TLS skills and gain a profound understanding of HTTPS, Certificate Authorities, and secure server configurations. SSL is old-school, outdated and deprecated. Therefore this course focuses on TLS as the protocol used with HTTP/2 and HTTP/3. What You’ll Learn: Throughout this course, you will embark on an adventure that seamlessly blends theory with hands-on practice. Here’s what you can expect: Practical HTTPS setup: You are going to learn how to use Node.js, and Live Server to set up a localhost server over a secure TLS / HTTPS connection. You will master the process of creating certificates and generating keys. Encryption: Understand the principles of encryption, including both symmetric and asymmetric methods, the concept of "keys" and how they are applied in secure HTTPS communications. TLS Handshake Mechanics: Dive deep into the TLS handshake process, learning how secure connections are established between clients and servers. Public Key Infrastructure: Learn about the framework that enables secure data exchange through digital certificates and key management. Advanced TLS Concepts and Cryptography: Gain insights into Hybrid Key Exchange (KEM algos), HMAC, signatures, hashing techniques, and cipher suites that form the backbone of secure TLS web interactions.
Содержание
03:38 Analyze HTTP/1.1 traffic using Wireshark 06:37 How to capture encrypted HTTPS traffic over HTTP/3 04:11 03:12 Symmetric key encryption 04:42 Asymmetric key encryption 05:08 Analyzing QUIC and HTTP/3 traffic in Wireshark, and extracting session keys 14:56 What encryption algorithms does OpenSSL provide? 03:20 HTTP, HTTPS and Encryption 8 вопросов 09:50 Asymmetric key encryption guarantees confidentiality 03:46 Ultimate goal for HTTPS is for client and server to use symmetric key encryption 01:54 07:01 Using asymmetric keys to produce signatures 03:57 Intro to hashing using Bash terminal and utilities 03:29 Hashing ensures integrity of data 04:41 Combining hashing with key encryption 05:47 04:31 Why a Public Key Infrastructure (PKI) system is needed 01:28 Public Key Infrastructure (PKI) and Certificate Authorities (CA) explained 03:42 How does a server request a certificate - Certificate Signing Request (CSR) 03:17 Certificate Signing Request (CSR) 00:17 How to view trusted CA's on your browser and operating system 03:34 How does a client verify a server's signed certificate? 06:04 What does the client actually check on the certificate? 00:38 TLS process recap: part 1 of 2 (client hello and server hello) 06:21 Using Wireshark to examine the client hello and server hello with TLS 1.3 11:02 TCP Streams vs. HTTP/3 Streams 01:07 Timeout - quantum computers have necessitated more complex algos 01:55 Timeout - TLS 1.3 Hybrid Key Exchange using ML-KEM and ECDH X25519 (Advanced) 11:37 Summary of the hybrid key exchange mechanism in TLS 1.3 00:14 TLS process recap: part 2 of 2 (premaster and master secret, and symmetric keys) 12:05 TLS Deep Dive and PKI 11 вопросов Intro to .pem | ACN.1 | PKCS | .crt | .csr and steps required to establish TLS 14:49 CA, and certificate generation process, VISUALIZED 06:33 Part 1: Using XCA and Live Server to spin up a localhost server over HTTPS/TLS 00:52 XCA - creating a local CA, and a self-signed certificate 07:31 XCA - creating keys, a CSR and a signed X.509 certificate for localhost 06:50 XCA - run a localhost server using Live Server, over HTTPS/TLS 06:32 XCA - Using Wireshark to examine our TLS connection 05:27 Part 2: Using OpenSSL and Live Server to run a localhost server over HTTPS/TLS 00:32 OpenSSL - installing OpenSSL 01:53 OpenSSL - producing CA keys and certificate 09:07 Inspecting the private key file, and extracting the public key from it 07:24 OpenSSL - generating server key pairs, and a server CSR file 07:05 OpenSSL - generating a signed certificate certificate by our CA 02:47 OpenSSL - run a localhost server using Live Server, over HTTPS/TLS 01:50 Part 3: Create a Node server to run a localhost server over HTTPS and TLS 00:36 Node - setting up our Node server code 09:59 Node - using the mkcert API to run a Node localhost server over HTTPS/TLS 10:33 Node - using the mkcert CLI to run a Node localhost server over HTTPS/TLS 07:15 Outro 01:19
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum