[2021] TLS in 2021 - Michael W Lucas

Transport Layer Security, or TLS, makes ecommerce and online banking possible. It protects your passwords and your privacy. Let’s Encrypt transformed TLS from an expensive tool to a free one. Understanding and debugging TLS is an essential sysadmin skill.

It’s also one of the most misunderstood security protocols.

This talk takes you through:

  • How TLS works
  • What TLS provides, and what it doesn’t
  • Wrapping unencrypted connections inside TLS
  • Assessing TLS configurations
  • The Automated Certificate Management Environment (ACME) protocol
  • Using Let’s Encrypt to automatically maintain TLS certificates
  • Online Certificate Status Protocol
  • Certificate Revocation
  • CAA, HSTS, and Certificate Transparency
  • Why you shouldn’t run your own CA, and hints on how to do it anyway.

Maybe you can’t stop doing the old obsolete things immediately, but this talk will make you aware of the modern standards.

Michael W Lucas (MWL) has written a whole stack of books. Many of them are on BSD. He has a web page at https://mwl.io
