Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Best Practices and Applications of TLS/SSL

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up for yours below.

Log In

Sign Up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in out online comments.
Your password should be at least six characters long. It is case sensitive. Passwords can only consist of alphanumeric characters or ~!@#$%^&*()_-+=?.

By registering you agree with our terms and conditions and privacy policy.

Transport Layer Security or TLS, widely known also as Secure Sockets Layer or SSL, is the most popular application of public key cryptography in the world. It is most famous for securing web browser sessions, but it has widespread application to other tasks.

TLS/SSL can be used to provide strong authentication of both parties in a communication session, strong encryption of data in transit between them, and verification of the integrity of that data in transit.

TLS/SSL can be used to secure a broad range of critical business functions such as web browsing, server-to-server communications, e-mail client-to-server communications, software updating, database access, virtual private networking and others.

However, when used improperly, TLS can give the illusion of security where the communications have been compromised. It is important to keep certificates up to date and check rigorously
for error conditions.

In many, but not all applications of TLS, the integrity of the process is enhanced by using a certificate issued by an outside trusted certificate authority.

This paper will explore how TLS works, best practices for its use, and the various applications in which it can secure business computing.