Services

AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital

Industries

Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty

References Technologies

Lab

Blog Know-how Tools

About Collaboration Careers

Language

CS EN

SSL/TLS checklist

03. 08. 2024 1 min read intermediate

HTTPS is the foundation. Ale je your TLS configuration opravdu withoutpečná?

Certificate¶

☐ Platný certifikát (ne self-signed v produkci)
☐ Automatic renewal (Let’s Encrypt + certbot)
☐ Certificate chain kompletní
☐ Wildcard nebo SAN pro subdomény

Thereforecols¶

☐ TLS 1.2 minimum
☐ TLS 1.3 preferovaný
☐ SSL 2.0/3.0 a TLS 1.0/1.1 VYPNUTÉ
☐ Silné cipher suites
☐ Forward secrecy (ECDHE)

Headers¶

☐ HSTS (Strict-Transport-Security)
☐ HTTP → HTTPS redirect
☐ HSTS preload (volitelné)
☐ Expect-CT (deprecated, ale stále užitečné)

Testing¶

☐ SSL Labs test (A+ rating)
☐ Certificate expiry monitoring
☐ Mixed content check
☐ OCSP stapling funguje

Automation¶

Let’s Encrypt + certbot –renew = no expirované certifikáty.

ssltlssecurity

Share:

CORE SYSTEMS tým

Stavíme core systémy a AI agenty, které drží provoz. 15 let zkušeností s enterprise IT.

Všechny články

Další know-how

SSL/TLS certificates in Java applications

Managing SSL certificates in Java keystores. Keytool, truststore, mutual TLS and common HTTPS problems.

SSL/TLS Configuration — Secure HTTPS

Proper TLS 1.3 configuration, cipher suites, certificates.

Let's Encrypt: Free SSL Certificates for Everyone

Let's Encrypt opens its public beta and offers automated, free TLS certificates. HTTPS is becoming the standard —...