A less common question we get, that a lot of web devs are interested in, is 'How do I mitigate against MITM attacks'.<p>- As a browser, by using a default OS and watching the root CA store. You can control the key stores on most devices except iOS pretty easily: <a href="https://certsimple.com/blog/control-the-ssl-cas-your-browser-trusts" rel="nofollow">https://certsimple.com/blog/control-the-ssl-cas-your-browser...</a><p>- As a server, setting up key pinning (<a href="https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning" rel="nofollow">https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning</a>), which throws up a browser warning if someone accesses your site with a new key.
A slightly stronger argument not to use 4096-bit certs is that just about every (intermediate) CA certificate out there is 2048-bit, and there's no security advantage to your cert being 4096-bit if it only has a 2048-bit signature. An attacker can just factor your CA's public key and not care how strong your own public key is.<p>So it's not just that it slows down your site, it slows down your site without any additional security or other benefit.
Item number 1: SSL is obsolete, use TLS.<p>Can we please, as a society, try to move forward with the correct acronym? Everyone who isn't wide-open-vulnerable is using TLS 1.0 or newer. (Personally, I like to run TLS 1.2 only, but my CloudFlare domains still speak 1.0 and I can't turn it off without paying money.)
The general public couldn't care less about EV certs.<p>Important reading:
<a href="http://webmasters.stackexchange.com/a/9095" rel="nofollow">http://webmasters.stackexchange.com/a/9095</a>
Another thing: You should probably go TLS-only. Set up a 301 redirect from HTTP to HTTPS, and set the Strict-Transport-Security header on all HTTPS responses.<p>It's very easy to do, and ensures all your users get maximal security. The future is encrypted.<p>Today I did this for my blog: <a href="https://github.com/TazeTSchnitzel/blog/commit/792986d18d8583712fa3fe59d0ec047b21701d46" rel="nofollow">https://github.com/TazeTSchnitzel/blog/commit/792986d18d8583...</a>
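The redirect and header setup described in the comment above can be checked from captured response headers. This is an added example, not part of the comment or its linked commit; the function names, the sample responses for example.com and the 180-day minimum max-age are assumptions.

```python
import re
from urllib.parse import urlsplit

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1).
    Returns a dict, or None when a browser would ignore the header."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue                         # empty directives are permitted
        name, _, arg = part.partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if name in seen:
            return None                      # each directive may appear only once
        seen[name] = arg.strip().strip('"')  # max-age="600" (quoted) is valid
    if not re.fullmatch(r"[0-9]+", seen.get("max-age", "")):
        return None                          # max-age is required and numeric
    return {"max_age": int(seen["max-age"]),
            "include_subdomains": "includesubdomains" in seen}

def audit(http_status, http_headers, https_headers, min_age=15552000):
    """List problems with a TLS-only setup. Header names must be lower-case.
    min_age (180 days, in seconds) is an assumed policy, not from the thread."""
    problems = []
    if http_status != 301:
        problems.append(f"HTTP answered {http_status}, expected 301")
    if urlsplit(http_headers.get("location", "")).scheme != "https":
        problems.append("redirect target is not https")
    if "strict-transport-security" in http_headers:
        problems.append("HSTS over plain HTTP is ignored by browsers")
    hsts = parse_hsts(https_headers.get("strict-transport-security", ""))
    if hsts is None:
        problems.append("HTTPS response has no valid HSTS header")
    elif hsts["max_age"] < min_age:
        problems.append(f"HSTS max-age {hsts['max_age']} is below {min_age}")
    return problems

if __name__ == "__main__":
    # Constructed sample responses for the placeholder host example.com.
    good = audit(301, {"location": "https://example.com/"},
                 {"strict-transport-security": "max-age=31536000; includeSubDomains"})
    bad = audit(302, {"location": "http://example.com/home"},
                {"strict-transport-security": "max-age=300; max-age=600"})
    print(good)
    print(bad)
```

An empty list means the plain-HTTP response is a 301 to an https URL and the HTTPS response carries a valid, long-lived HSTS policy.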
Re: Point 1<p>You really only need two ciphers to get to most browsers/clients and good security and speed (replace RSA with ECDSA if needed):<p>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256<p>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA<p>Example: <a href="https://www.ssllabs.com/ssltest/analyze.html?d=theandrewbailey.com" rel="nofollow">https://www.ssllabs.com/ssltest/analyze.html?d=theandrewbail...</a><p>It baffles me that Mozilla recommends 20 ciphers for their highest security level. I think high security should be more exclusive than that, and with forward secrecy only.<p>Point 5:<p>How I imported Let's Encrypt's certificates into a Java keystore:<p><pre><code> openssl pkcs12 -export -name yourdomain -in fullchain.pem -inkey privkey.pem -out pubchainpriv.p12
keytool -importkeystore -srcstoretype pkcs12 -srckeystore pubchainpriv.p12 -alias yourdomain -destkeystore /path/to/keystore.jks</code></pre>
I've compiled lots of resources for moving to HTTPS:
<a href="https://docs.google.com/document/d/1EJKAoa4Hxc4AyH0znuA_AAplcNeNejEhATFptFX-OME/edit" rel="nofollow">https://docs.google.com/document/d/1EJKAoa4Hxc4AyH0znuA_AApl...</a>
A good start. If you want to improve it, please add information about how to consume HTTPS services in a secure way.<p>Also potentially add an aside for self-signed/enterprise CA, as most web developers will encounter internal systems sooner or later. This makes the above (consuming services) more challenging :-)
My addition: if you use an SNI cert, expect loads of problems. And I don't mean browser support.<p>Bing won't crawl you, you have to email the support and maybe they manually whitelist you.<p>A lot of RSS readers won't work, services like Pocket, Reddit submissions, MailChimp RSS to email etc etc.<p>It's crazy considering we want to move everything to https only.
You might be slow from traffic, but just in case that's not the case, the linked article loads fine but the home page does not on a 2nd gen Nexus 7.<p>I see the top navigation followed by a white page, no scrollbar.