mail us  |  mail this page

contact us
training  | 
tech stuff  | 

X509 (SSL) Certificate Training

Duration: 1 day. The course assumes a basic knowledge of LDAP terminology such as attributes, OIDs and ASN.1 or that participants have taken the 2 day LDAP Basic course.

La formation est aussi disponible en français.

Introduction

What are most frequently referred to as SSL certificates are, correctly, named X.509 Certificates. X.509 is one of the DAP series of X.500 standards on which Lightweight Directory Access Protocol (LDAP) is based. The terminology and concepts used in X.509 certificates are exactly th same as that used in LDAP. Some of the horrendous confusion and inconsistency that arises when working with X.509 (SSL) certificates comes from an incomplete understanding of the underlying LDAP/DAP terminology and technology.

Description

Participants will learn about the purpose, terminolgy and organization of X.509 certificates and their position in the chain of trust used to verify public keys. Certificate Authorities (CAs) and the bewidering array of certificate types commecially available are discussed as well as certificate chains and bundles. The TLS handshake protocol phase is outlined to show the use of X.509 certificates (in server, client and mutual authentication). Certificate protocols including verification methods (OCSP) are discussed as well as server techniques used to optimize the process. The major fields of the certificate and the optional V3 extensions are covered (with special emphasis on Subject and subjectAltName). Certificate (PEM and DER) and container formats (PCKS) are covered. Finally, openssl is used as a hands-on example of creation of certificate requests, self-signed certicates and various certificate chaining processes.

Audience:

The course is intended for personnel involved in security including administrators responsible for certificates, security designers, programmers and support staff involved in debugging security issues.

About the Instructor

Ron Aitchison is the author of Pro DNS and BIND (Apress ISBN 1-59059-494-0). Ron has been involved in communications and networking for more years than he cares to admit and is president and founder of Zytrax, Inc. a company specializing in IP communications (wired and wireless), systems development, training and consulting in Montreal, Canada. He has been involved with Open Source for over 15 years and is the primary author of Tech Stuff, DNS for Rocket Scientists, LDAP for Rocket Scientists and Survival guides - TLS/SSL and SSL (X.509) Certificates available as free resources for the community.

Contents

Module 1: X.509 Background and Theory

Module 2: X.509 Detail

Module 3: X.509 Creation and Manipulation

This is mostly a hands on section using OpenSSL.

Other courses: DNS Training, X.509 (SSL) Certificate Training, LDAP Training.

Training

training home
dns training
ldap training
x.509 (ssl) certs
prices
schedule
reservation
on-site training
on-line training
client list

Resources

dns guide
ldap guide
RSS Feed Icon

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C standards compliant browser such as those available from firefox

Zytrax Services

Training
Consulting
Tech Stuff Pages
Open Guides

Search

web zytrax.com

Share

Icons made by Icomoon from www.flaticon.com is licensed by CC 3.0 BY
share page via facebook tweet this page

Page

email us Send to a friend feature print this page Display full width page Decrease font size Increase font size

Site

CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2019 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
Hosted by super.net.sg
web-master at zytrax
Page modified: March 21 2019.