SSL Certificate Best Practices Policy

SSL certificates are essential for encrypting traffic between systems such as clients, which access servers via web browsers or applications that communicate with remote systems. Certificates protect client and server data, commonly involving confidential information such as credit card details or social security numbers.

The purpose of this SSL Certificate Best Practices Policy, created by Scott Matteson for TechRepublic Premium, is to establish a set of best practices for the issuance, management, renewal/replacement, and revocation and/or retirement of certificates.

  • Featured text from the download:

    Issuing certificates

    Use dedicated internal certificate authorities for internal certificates. Make them redundant and ensure they are trusted by all internal clients and servers. Include any intermediate and root authorities to ensure the entire certificate chain is trusted.

    Always use well-known external certificate authorities for public-facing certificates, as these are trusted by default in all major browsers.

    All processes/functions that can use SSL certificates should be configured to do so.

    Only issue/use certificates on authorized systems for business purposes.

    Issue/obtain certificates with at least a two-year expiration date.

    Use at minimum 2048-bit encryption upon certificates.

    Use passwords with private keys where possible.

    Configure private keys not to be exportable.

    Use auto-enrollment/renewal of SSL certificates where possible. It’s also worth considering the use of configuration management software for certificate deployment.

Strengthen your security operations with our six-page document. This is available for download at just $19. Alternatively, enjoy complimentary access with a Premium annual subscription.

TIME SAVED: Crafting this content required 12 hours of dedicated writing, editing, research, and design.

Subscribe to the Developer Insider Newsletter

From the hottest programming languages to commentary on the Linux OS, get the developer and open source news and tips you need to know. Delivered Tuesdays and Thursdays

Subscribe to the Developer Insider Newsletter

From the hottest programming languages to commentary on the Linux OS, get the developer and open source news and tips you need to know. Delivered Tuesdays and Thursdays

Resource Details

or

* Sign up for a TechRepublic Premium subscription for $299.00/year, and download this content as well as any other content in our library. Cancel anytime. Details here.

Provided by:
TechRepublic Premium
Published:
November 14, 2024
Topic:
Networking
Format:
WORD
or

* Sign up for a TechRepublic Premium subscription for $299.00/year, and download this content as well as any other content in our library. Cancel anytime. Details here.