Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
HTTPS and You
Search
Tim Nash
January 01, 2017
Programming
1k
0
Share
HTTPS and You
Brief Lightning talk on TLS
Tim Nash
January 01, 2017
More Decks by Tim Nash
See All by Tim Nash
Testing Fortifications - WordCamp Brighton
timnashcouk
0
470
Come to the dark side, they have cookies
timnashcouk
0
1.4k
Come to the dark side
timnashcouk
0
70
Practical WordPress Security 2018
timnashcouk
0
410
Practical WordPress Security
timnashcouk
0
1.7k
Baking Security into your workflow - Early
timnashcouk
0
990
Security is Everyone responsibility
timnashcouk
0
1.1k
Other Decks in Programming
See All in Programming
How to stabilize UI tests using XCTest
akkeylab
0
150
forteeの改修から振り返るPHPerKaigi 2026
muno92
PRO
3
120
Migration to Signals, Signal Forms, Resource API, and NgRx Signal Store @Angular Days 03/2026 Munich
manfredsteyer
PRO
0
220
AI時代のシステム設計:ドメインモデルで変更しやすさを守る設計戦略
masuda220
PRO
6
1.2k
へんな働き方
yusukebe
6
2.9k
最初からAWS CDKで技術検証してもいいんじゃない?
akihisaikeda
4
180
実践ハーネスエンジニアリング #MOSHTech
kajitack
7
5.4k
ローカルで稼働する AI エージェントを超えて / beyond-local-ai-agents
gawa
1
230
事業会社でのセキュリティ長期インターンについて
masachikaura
0
210
Goの型安全性で実現する複数プロダクトの権限管理
ishikawa_pro
2
1.4k
L’IA au service des devs : Anatomie d'un assistant de Code Review
toham
0
190
Redox OS でのネームスペース管理と chroot の実現
isanethen
0
500
Featured
See All Featured
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.2k
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
sarafernandez
2
1.4k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
190
The browser strikes back
jonoalderson
0
870
Testing 201, or: Great Expectations
jmmastey
46
8.1k
Amusing Abliteration
ianozsvald
1
150
Marketing Yourself as an Engineer | Alaka | Gurzu
gurzu
0
170
A better future with KSS
kneath
240
18k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
55k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
130k
Principles of Awesome APIs and How to Build Them.
keavy
128
17k
We Are The Robots
honzajavorek
0
210
Transcript
HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk
Tim Nash - WordPress Platform Lead & Developer Advocate at
HTTPS
HTTPS (HTTP over SSL)
SSL (Secure Socket Layer)
It’s all a LIE!!!!!
HTTP over TLS1.2
HTTPS (HTTP (secure)Encrypted)
None
Browser Server Request Packet Response Packet
Browser Server Request Packet Response Packet Client ‘Hello’ Server ‘Hello’
Cryptographic information Server Certificate Client Key Exchange Send’s Key info signed with servers key Sends Client Certificate Client ‘finished’ Server ‘finished’
None
Pitfalls
Force everything…
search replace http:// https://
Better still 301 all HTTP requests as well
Mixed Content
None
If it loads over HTTP it needs to load over
HTTPS
Third Party Scripts: Google Analytics, Forms
DEVELOPERS! Don’t hard code URLs
Certificate issues aka Red Screen of death
https://www.ssllabs.com/ssltest/
HTTP/2
Browser Server Requests Packets Response Packets Client ‘Hello’ Server ‘Hello’
Client Key Exchange Client ‘finished’ Server ‘finished’
Tim Nash timnash.co.uk @tnash 34SP.com
[email protected]
timnashcouk
akkeylab
muno92
manfredsteyer
masuda220
yusukebe
akihisaikeda
kajitack
gawa
masachikaura
ishikawa_pro
toham
isanethen
irinanazarova
sarafernandez
dugsong
jonoalderson
jmmastey
ianozsvald
gurzu
kneath
aki_iinuma
pedronauck
keavy
honzajavorek
![HTTPS:// and you… Tim Nash [UK] https://timnash.co.uk](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_0.jpg){kind=link}
![Tim Nash timnash.co.uk @tnash 34SP.com [email protected]](https://files.speakerdeck.com/presentations/039cffdb9c3f4c2584125c7bec5fa019/slide_25.jpg){kind=link}