In this webinar, we will discuss about the basic concept of security, confidentiality, encryption, symmetric and assymetric encryption, SSL certificate, and HTTPS.
after that we discuss certificate feature on Mikrotik RouterOS, creating self-signed certificate, and import CA signed certificate to RouterOS.
The recording is available on youtube (GLC Networks Channel): https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg
3. www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● An Indonesian company
● Located in Bandung
● Areas: Training, IT Consulting
● Mikrotik Certified Training Partner/Consultant/Distributor
● Ubiquiti Certified Trainer/Consultant
● RedHat Certified Trainer
3
4. www.glcnetworks.com
About GLC webinar?
● First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new
year with solaris OS)
● As a sharing event with various
topics: linux, networking, wireless,
database, programming, etc
● Regular schedule: every 2 weeks
● Irregular schedule: as needed
● Checking schedule:
http://www.glcnetworks.com/main/sc
hedule
● You are invited to be a presenter
○ No need to be an expert
○ This is a forum for sharing: knowledge,
experiences, information
4
5. www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: bandung, Indonesia
● Linux user (since 1999), Mikrotik user (since 2007),
ubnt user (since 2011)
● Certified Trainer (Mikrotik, Ubiquiti, Redhat)
● Certified Consultant
● Work: Telco engineer, Sysadmin, PHP programmer,
and Lecturer
● Personal website: http://achmadjournal.com
● More info:
http://au.linkedin.com/in/achmadmardiansyah
5
10. www.glcnetworks.com
Symmetric encryption
● using same cryptographic keys for both encryption and decryption
● Sometimes requires secret string on both party.
● Only party that has secret key can understand the message
● Example: Twofish, Blowfish, RC4, 3DES
10Picture from www.ssl2buy.com
11. www.glcnetworks.com
Asymmetric encryption
● Uses pairs of keys
○ public keys which may be widely spread
○ private keys which are known only to the owner
● Sender must get the recipient's public key before sending data
● Example: RSA, diffie-hellman
11
Picture from www.ssl2buy.com
14. www.glcnetworks.com
Certificate of Authority (CA)
● Organisations that certifies the public keys
● To make sure the public key is legitimate
● Every browser/clients install ca’s public certificate
● Browser will give warning if accessing https with unknown CA
14
21. www.glcnetworks.com
Get legitimate certificate from CA
After the process finish, you will get these files
1. privkey.pem → private key
2. cert.pem → public key
3. chain.pem → chain certificate from CA
4. fullchain.pem → combination of cert.pem and chain.pem. Several webservers
requires fullchain.pem to run https
21
24. www.glcnetworks.com
Notes
● SSL certificate is very sensitive with time
● Make sure the servers / clients are running on correct date that is defined on
certificate
● HTTPS processing requires CPU power
24
26. www.glcnetworks.com
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
● Like our facebook page: “GLC networks”
● Slide: http://www.slideshare.net/r41nbuw
● Recording: https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg
● Stay tune with our schedule
26