-
Learning by doing
-
Trainers with practical experience
-
Classroom training
-
Detailed course material
-
Clear content description
-
Tailormade content possible
-
Training that proceeds
-
Small groups
The course SSL Certificates covers the theory and practice of SSL certificates that are essential in setting up secure and encrypted Internet connections. The original SSL 2 and SSL 3 protocols have since been replaced by the TLS protocol, but the name SSL is still used. With SSL, one side of the connection has a private key, while a public key is made available to others who want to connect.
The course starts with a discussion of how an SSL connection is established. Attention is paid to how the SSL connection starts with a handshake between client and server. In the first step in the connection, the client uses the server's public key to encrypt a message. The server has the corresponding private key and can read the message with it. Then a secret key is generated. That key is only known to both the client and the server and is used in the mutual message traffic.
Next attention is paid to the various forms of encryption that play a role in SSL. With asymmetric encryption, both sides of the connection have different keys that fit together and that can decipher each other's messages. With symmetric encryption, both sides have the same key, which must then be hidden from the outside world. And with hash encryption there is one-way encryption. A message cannot be deciphered then, but it is possible to check whether the message has been changed.
The course also covers what SSL certificates are and how they are used to identify a server or a client. It is explained which types of certificates there are. Client, server and self-signed certificates are discussed and root certificates and wild card certificates are also treated. Attention is also paid to how certificates can be created or requested and how to install them in known servers.
Recognized certificates are issued by certificate authorities such as Thawte, Verisign, Let's Encrypt and other organizations. They check whether the applicant for a certificate is really who he claims to be and use various verification methods for this. The certificate authorities are part of the Public Key Infrastructure. Protocols such as DANE and DNSSEC are also discussed.
The course SSL Certificates is intended for system administrators, security professionals, developers and others who want to learn how obtain, configure and maintain SSL Certificates.
General knowledge of information technology is required to participate in this course. Experience with security concepts and web applications is beneficial for understanding but not required.
The course SSL Certificates has a hands-on character. The theory is treated on the basis of presentation slides and is interchanged with practical exercises. The course material is in English. Course times are from 9.30 up and to 16.30.
After successful completion of the training the participants receive an official certificate SSL Certificates.
Module 1 : SSL Intro |
Module 2 : SSL Encryption |
Module 3 : Certificates |
SSL Overview Secure Sockets Layer (SSL) SSL en TLS SSL Characteristics SSL Handshakes SSL Connectors Configuring SSL Server Name Indication SNI Protocol Key Files Private and Public Key OpenSSL Library |
Encryption Algorithms RSA algoritme ECC algoritme SSL Encryption Types Asymmetric Encryption Symmetric Encryption Hash Encryption HTTPS Connections HTTP Strict Transport Security Secure Mime Digital Signing Salt Function |
SSL Certificates Creating Certificates CSR's Server Certificates Client Certificates Common Name Root Certificates Wild Card Certificates Subdomains Certificate Revocation List Black and White Listing OCSP and Stapling |
Module 4 : PKI Infrastructure |
||
Chain of Trust Certificate Authorities Domain Validation Organization Validation Cipher Suites Handshake CAA Record Configuring CAA DANE Protocol Trust Anchor File Approver DNSSEC Protocol |
All our courses are classroom courses in which the students are guided through the material on the basis of an experienced trainer with in-depth material knowledge. Theory is always interspersed with exercises.
We also do custom classes and then adjust the course content to your wishes. On request we will also discuss your practical cases.
The course times are from 9.30 to 16.30. But we are flexible in this. Sometimes people have to bring children to the daycare and other times are more convenient for them. In good consultation we can then agree on different course times.
We take care of the computers on which the course can be held. The software required for the course has already been installed on these computers. You do not have to bring a laptop to participate in the course. If you prefer to work on your own laptop, you can take it with you if you wish. The required software is then installed at the start of the course.
Our courses are generally given with Open Source software such as Eclipse, IntelliJ, Tomcat, Pycharm, Anaconda and Netbeans. You will receive the digital course material to take home after the course.
The course includes lunch that we use in a restaurant within walking distance of the course room.
The courses are planned at various places in the country. A course takes place at a location if at least 3 people register for that location. If there are registrations for different locations, the course will take place at our main location, Houten which is just below Utrecht. A course at our main location also takes place with 2 registrations and regularly with 1 registration. And we also do courses at the customer’s location if they appreciate that.
At the end of each course, participants are requested to evaluate the course in terms of course content, course material, trainer and location. The evaluation form can be found at https://www.klantenvertellen.nl/reviews/1039545/spiraltrain?lang=en. The evaluations of previous participants and previous courses can also be found there.
The intellectual property rights of the published course content, also referred to as an information sheet, belong to SpiralTrain. It is not allowed to publish the course information, the information sheet, in written or digital form without the explicit permission of SpiralTrain. The course content is to be understood as the description of the course content in sentences as well as the division of the course into modules and topics in the modules.