Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
0
1k
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
Tweet
Share
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.3k
Come to the dark side
timnashcouk
0
69
Practical WordPress Security 2018
timnashcouk
0
410
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
990
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
Claude Code Skill入門
mayahoney
0
190
どんと来い、データベース信頼性エンジニアリング / Introduction to DBRE
nnaka2992
1
270
最初からAWS CDKで技術検証してもいいんじゃない?
akihisaikeda
4
120
ロボットのための工場に灯りは要らない
watany
10
2.5k
The Ralph Wiggum Loop: First Principles of Autonomous Development
sembayui
0
3.7k
AI時代のシステム設計:ドメインモデルで変更しやすさを守る設計戦略
masuda220
PRO
5
810
DevinとClaude Code、SREの現場で使い倒してみた件
karia
1
1k
API Platformを活用したPHPによる本格的なWeb API開発 / api-platform-book-intro
ttskch
1
130
PJのドキュメントを全部Git管理にしたら、一番喜んだのはAIだった
nanaism
0
250
nuget-server - あなたが必要だったNuGetサーバー
kekyo
PRO
0
230
Ruby and LLM Ecosystem 2nd
koic
1
480
社内規程RAGの精度を73.3% → 100%に改善した話
oharu121
13
7.9k
Featured
See All Featured
For a Future-Friendly Web
brad_frost
183
10k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
49
9.9k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
minecr
1
190
How to Ace a Technical Interview
jacobian
281
24k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.2k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
31
10k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
250
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
460
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
1
150
Making Projects Easy
brettharned
120
6.6k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
270
Collaborative Software Design: How to facilitate domain modelling decisions
baasie
0
150
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
mayahoney
nnaka2992
akihisaikeda
watany
sembayui
masuda220
karia
ttskch
nanaism
kekyo
koic
oharu121
brad_frost
mongodb
minecr
jacobian
irinanazarova
eileencodes
baasie
inesmontani
stephenakadiri
brettharned
greggifford
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}