- [Instructor] Before we jump into the meat related to PKI, SSL and TLS, there are a few things that you need to know beforehand. The first, in terms of prerequisite knowledge, is having some kind of experience with the TCP/IP network protocol suite. You should have a basic knowledge of Microsoft Windows Server operating systems, as well as having a general knowledge of the Linux operating system environment. You should have a general sense of how you might go about configuring a web browser on a client device, and also a general sense of how to go about configuring a web server, whether it's Microsoft's Internet Information Services or the Apache 2 web server running on the Linux platform.
In our lab environment, we have a Microsoft Windows Server 2016 machine. This is an Active Directory domain controller for a domain called fakedomain1.local. Also, we have the IIS web server role installed, so the machine is also a web server. During the course, we'll be installing the certification authority role to support a public key infrastructure, or a PKI. We'll also be using the Internet Explorer web browser to test connectivity to things such as a secured web server, but really any web browser could be used.
We'll also be using Kali Linux. It could be any distribution of Linux, there's not a specific reason why Kali Linux was chosen. However, what's important in the Linux environment is that we need to make sure that we either have installed the OpenSSL certificate authority or, if it's not there, make sure you do install it. And the way that we do that will vary between one Linux distribution and another. Also, we want to make sure that the Apache web server component is installed on Linux.
Just like we'll be using the certification authority in Windows, we'll be using OpenSSL in Linux to establish a certificate authority and then issuing a few certificates.
- Symmetric and asymmetric encrypting
- How certificates are issued and managed
- Configuring a Linux OpenSSL PKI environment
- How TLS supersedes SSL and is considered more secure
- Acquiring a web server certificate
- Acquiring a code-signing certificate
- Configuring a website with a certificate
- Securing files and folders with EFS
- Configuring a TLS VPN