Securing network traffic using SSL/TLS


Whenever we send any data over a network of any kind, private or public, that data is vulnerable to both interception and modification unless steps are taken to ensure the security and authenticity of said data. In this document we shall examine how we can use the Secure Sockets Layer, or SSL as it is more commonly known, and its successor Transport Layer Security, or TLS, to provide end-to-end encryption services providing security against interception and modification. We shall also examine how user, client and server certificates can be used to ensure the authenticity of our data.

In addition to an explanation of how to configure and install the OpenSSL software to allow certificates and certificate requests to be generated and signed we shall also give detailed examples of how to configure a variety of common applications, such as the Postfix SMTP server and the Courier IMAP server, to use either SSL or TLS to secure the data they send and receive.