Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications Paperback – August 1, 2014
"The most comprehensive book about deploying TLS in the real world!"
Nasko Oskov, Chrome Security developer and former SChannel developer
"Meticulously researched."
Eric Lawrence, Fiddler author and former Internet Explorer Program Manager
"The most to the point and up to date book about SSL/TLS I've read."
Jakob Schlyter, IT security advisor and DANE co-author
Top Customer Reviews
If you've ever run the Qualys SSL Test on your site (if you haven't, definitely give it a try), and felt overwhelmed by all the output, then this book is the explainer you've been looking for. By the time you're done, you'll know what all the checks are, why the tool is recommending particular configurations, and how you can go about addressing them on your servers.
The future of the internet is TLS everywhere, and this is a must read guide for developers, administrators, and security folks alike.
As a software engineer, I read a lot of technical books. It's rare to see a book like this which combines so many different elements into a cohesive book. It could be split up into 2 books: one on the history/context of the development and vulnerabilities of SSL/TLS and another on using OpenSSL, configuring certs and servers. I'm glad it's all one book so I only need to recommend one! There aren't many books like this on the market on any topic. It's rare to see someone cover the basics of the theory, summary of attacks and mitigations, and trade-offs with deploying in the real world.
The book's binding and paper are great as well. If you properly break in the book, it will lie flat all the way from page 30 onward. I didn't have any problems reading it on a bed. I read this cover to cover in part of a weekend. It was a quick, fun and informative read. After reading this, you should be ready to dive into the RFCs.
My criticism is light. I don't think the Wikipedia references have much value. Everyone knows you can search for things. I think using the URL shortener links is annoying. What happens when your server goes down? And I wish there was a quick reference appendix at the end which summarizes recommended future reading. There were some book recommendations throughout the book and a summary of important RFCs. It would be nice to have that all in one place.
Author Ivan Ristic's meticulously-researched book covers every important aspect of HTTPS, from cryptography, to public key infrastructure, to deployment and operations. Weighing in at a hefty 506 pages, it's unlikely that you'll read this book as I did, from cover-to-cover, so the author thoughtfully crafted the book with distinct sections so you can easily start with the content most important to your needs before (or instead of) reading anything else.
For security enthusiasts, there's excellent coverage of all of the major attacks against TLS and PKI over the last decade or so, from CA compromise to TLS protocol attacks like BEAST, CRIME, Lucky 13, and more. This book serves as an excellent resource on each of these attacks-- how they operate, and how to mitigate against them.
Web developers charged with keeping their sites fast as they move to HTTPS will appreciate nearly 30 pages of content on optimizing HTTPS for both the network and CPU, and fantastic coverage of OpenSSL will help you navigate the many functions of that powerful toolchain, even if your servers are running on other technologies. Thoughtful coverage on the tradeoffs between high security and interoperability problems is found in every chapter, to help you make the right decisions for your site's needs.
One of the best features about this book is its breadth of platform coverage; unlike many guides that cover only one particular implementation, Bulletproof SSL and TLS covers all of the major platforms including thorough sections on OpenSSL, Apache, Java/Tomcat, IIS, and Nginx, with comments and footnotes about more obscure platforms as appropriate.
Most Recent Customer Reviews
Not only is the book technically on-spot, Ivan has made the book accessible and easy to follow. Published 9 days ago by Chris Kissel
Just what you need to work with and figure out SSL and TLS. Published 3 months ago by Kevin D Burnett
I was hoping that the book included a tutorial about usage of the OpenSSL API itself (C-language), but it does not. (Such a thing does not appear to exist. Published 4 months ago by S. Ford
An excellent book. It provides the basis for studies related to encryption, SSL and TLS, and webservers. Published 8 months ago by Gustavo C. O. Lima
good historical summary & overview of issues, good overall explanations for the general public, but not developer focussed. Published 10 months ago by ga376