01-19-2025, 05:07 AM
Year of manufacture : 2024
Manufacturer : Udemy
Manufacturer's website : Posted by Clyde Matthew
Duration : ~4h22m
Type of material distributed : Video lesson
Language : En
Описание: Deep dive into TLS (previously called SSL) and HTTPS: Gain insights that set you apart from 99% of developers. Understand the true meaning of HTTPS beyond the surface-level claims of "security"
The end of HTTP/1.1: Any serious developer today must concentrate on TLS security and hosting websites over the more robust protocols like HTTP/2 and HTTP/3. Stay relevant in a rapidly evolving digital landscape
Key Concepts Unlocked: Explore advanced topics such as hybrid key exchange, encryption, public key infrastructure (PIK), asymmetric and symmetric cryptography, TLS handshake, HMAC, signatures, hashing, and cipher suites. Each concept builds a solid foundation for your web security knowledge.
This course is meticulously crafted for developers who are eager to elevate their TLS skills and gain a profound understanding of HTTPS, Certificate Authorities, and secure server configurations.
SSL is old-school, outdated and deprecated. Therefore this course focuses on TLS as the protocol used with HTTP/2 and HTTP/3.
What You'll Learn:
Throughout this course, you will embark on an adventure that seamlessly blends theory with hands-on practice. Here's what you can expect:
Practical HTTPS setup: You are going to learn how to use Node.js, and Live Server to set up a localhost server over a secure TLS / HTTPS connection. You will master the process of creating certificates and generating keys.
Encryption: Understand the principles of encryption, including both symmetric and asymmetric methods, the concept of "keys" and how they are applied in secure HTTPS communications.
TLS Handshake Mechanics: Dive deep into the TLS handshake process, learning how secure connections are established between clients and servers.
Public Key Infrastructure: Learn about the framework that enables secure data exchange through digital certificates and key management.
Advanced TLS Concepts and Cryptography: Gain insights into Hybrid Key Exchange (KEM algos), HMAC, signatures, hashing techniques, and cipher suites that form the backbone of secure TLS web interactions.
Content
03:38
Analyze HTTP/1.1 traffic using Wireshark
06:37
How to capture encrypted HTTPS traffic over HTTP/3
04:11
03:12
Symmetric key encryption
04:42
Asymmetric key encryption
05:08
Analyzing QUIC and HTTP/3 traffic in Wireshark, and extracting session keys
14:56
What encryption algorithms does OpenSSL provide?
03:20
HTTP, HTTPS and Encryption
8 questions
09:50
Asymmetric key encryption guarantees confidentiality
03:46
Ultimate goal for HTTPS is for client and server to use symmetric key encryption
01:54
07:01
Using asymmetric keys to produce signatures
03:57
Intro to hashing using Bash terminal and utilities
03:29
Hashing ensures integrity of data
04:41
Combining hashing with key encryption
05:47
04:31
Why a Public Key Infrastructure (PKI) system is needed
01:28
Public Key Infrastructure (PKI) and Certificate Authorities (CA) explained
03:42
How does a server request a certificate - Certificate Signing Request (CSR)
03:17
Certificate Signing Request (CSR)
00:17
How to view trusted CA's on your browser and operating system
03:34
How does a client verify a server's signed certificate?
06:04
What does the client actually check on the certificate?
00:38
TLS process recap: part 1 of 2 (client hello and server hello)
06:21
Using Wireshark to examine the client hello and server hello with TLS 1.3
11:02
TCP Streams vs. HTTP/3 Streams
01:07
Timeout - quantum computers have necessitated more complex algos
01:55
Timeout - TLS 1.3 Hybrid Key Exchange using ML-KEM and ECDH X25519 (Advanced)
11:37
Summary of the hybrid key exchange mechanism in TLS 1.3
00:14
TLS process recap: part 2 of 2 (premaster and master secret, and symmetric keys)
12:05
TLS Deep Dive and PKI
11 questions
Intro to .pem | ACN.1 | PKCS | .crt | .csr and steps required to establish TLS
14:49
CA, and certificate generation process, VISUALIZED
06:33
Part 1: Using XCA and Live Server to spin up a localhost server over HTTPS/TLS
00:52
XCA - creating a local CA, and a self-signed certificate
07:31
XCA - creating keys, a CSR and a signed X.509 certificate for localhost
06:50
XCA - run a localhost server using Live Server, over HTTPS/TLS
06:32
XCA - Using Wireshark to examine our TLS connection
05:27
Part 2: Using OpenSSL and Live Server to run a localhost server over HTTPS/TLS
00:32
OpenSSL - installing OpenSSL
01:53
OpenSSL - producing CA keys and certificate
09:07
Inspecting the private key file, and extracting the public key from it
07:24
OpenSSL - generating server key pairs, and a server CSR file
07:05
OpenSSL - generating a signed certificate certificate by our CA
02:47
OpenSSL - run a localhost server using Live Server, over HTTPS/TLS
01:50
Part 3: Create a Node server to run a localhost server over HTTPS and TLS
00:36
Node - setting up our Node server code
09:59
Node - using the mkcert API to run a Node localhost server over HTTPS/TLS
10:33
Node - using the mkcert CLI to run a Node localhost server over HTTPS/TLS
07:15
Other
01:19
Example files : not provided
Video format : MP4
Video : AVC, 1280x720, 16:9, 30fps, ~1400kbps
Audio : AAC, 48kHz, 128kbps, stereo
[center]⋆🕷- - - - -☽───⛧ ⤝❖⤞ ⛧───☾ - - - -🕷⋆[/center]
📌 Udemy - TLS & HTTPS Visualized, and HTTPS localhost setup in 2025 (3.61 GB)
RapidGator Link(s)
NitroFlare Link(s)