Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

Share

SSL certificate with mikrotik

Download to read offline

In this webinar, we will discuss about the basic concept of security, confidentiality, encryption, symmetric and assymetric encryption, SSL certificate, and HTTPS.
after that we discuss certificate feature on Mikrotik RouterOS, creating self-signed certificate, and import CA signed certificate to RouterOS.

The recording is available on youtube (GLC Networks Channel): https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

SSL certificate with mikrotik

  1. 1. www.glcnetworks.com SSL Certificate with GLC webinar, 24 august 2017 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia 1
  2. 2. www.glcnetworks.com Agenda ● Introduction ● SSL certificate ● Mikrotik certificate ● Demo ● Q & A 2
  3. 3. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner/Consultant/Distributor ● Ubiquiti Certified Trainer/Consultant ● RedHat Certified Trainer 3
  4. 4. www.glcnetworks.com About GLC webinar? ● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS) ● As a sharing event with various topics: linux, networking, wireless, database, programming, etc ● Regular schedule: every 2 weeks ● Irregular schedule: as needed ● Checking schedule: http://www.glcnetworks.com/main/sc hedule ● You are invited to be a presenter ○ No need to be an expert ○ This is a forum for sharing: knowledge, experiences, information 4
  5. 5. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user (since 1999), Mikrotik user (since 2007), ubnt user (since 2011) ● Certified Trainer (Mikrotik, Ubiquiti, Redhat) ● Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmadjournal.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 5
  6. 6. www.glcnetworks.com Please introduce yourself ● Your name ● Your company/university? ● Your networking experience? ● Your mikrotik experience? ● Your expectation from this course? 6
  7. 7. www.glcnetworks.com SSL certificate 7
  8. 8. www.glcnetworks.com End-to-end vs intermediary security End-to-End ● Non-repudiation ● Data confidentiality ● Data integrity ● Privacy Intermediary: ● Communication security ● Availability ● Access control ● Authentication 8
  9. 9. www.glcnetworks.com Confidentiality ● End-to-end security ● To ensure only authenticated party can read the data ● Technique: ○ Encryption ■ Symmetric ■ Asymmetric 9 Picture from www.digicert.com
  10. 10. www.glcnetworks.com Symmetric encryption ● using same cryptographic keys for both encryption and decryption ● Sometimes requires secret string on both party. ● Only party that has secret key can understand the message ● Example: Twofish, Blowfish, RC4, 3DES 10Picture from www.ssl2buy.com
  11. 11. www.glcnetworks.com Asymmetric encryption ● Uses pairs of keys ○ public keys which may be widely spread ○ private keys which are known only to the owner ● Sender must get the recipient's public key before sending data ● Example: RSA, diffie-hellman 11 Picture from www.ssl2buy.com
  12. 12. www.glcnetworks.com How is the asymmetric keys looks like? 12
  13. 13. www.glcnetworks.com HTTPS ● A technique to secure HTTP communication, using TCP port 443 ● Using asymmetric encryption 13 Picture from superuser.com
  14. 14. www.glcnetworks.com Certificate of Authority (CA) ● Organisations that certifies the public keys ● To make sure the public key is legitimate ● Every browser/clients install ca’s public certificate ● Browser will give warning if accessing https with unknown CA 14
  15. 15. www.glcnetworks.com Certificate on mikrotik 15
  16. 16. www.glcnetworks.com SSL certificate usage on mikrotik ● HTTPS access ● Wireless authentication ● PPP ○ SSTP ○ Openvpn ● IPsec ● etc.. 16
  17. 17. www.glcnetworks.com Create self-signed cert (1) 17
  18. 18. www.glcnetworks.com Create self-signed cert (2) Sign the certificate 18
  19. 19. www.glcnetworks.com Create self-signed cert (3) apply cert on https service 19
  20. 20. www.glcnetworks.com Create self-signed cert (3) Browser warning 20
  21. 21. www.glcnetworks.com Get legitimate certificate from CA After the process finish, you will get these files 1. privkey.pem → private key 2. cert.pem → public key 3. chain.pem → chain certificate from CA 4. fullchain.pem → combination of cert.pem and chain.pem. Several webservers requires fullchain.pem to run https 21
  22. 22. www.glcnetworks.com Import legitimate certificate 22
  23. 23. www.glcnetworks.com No warning anymore... 23
  24. 24. www.glcnetworks.com Notes ● SSL certificate is very sensitive with time ● Make sure the servers / clients are running on correct date that is defined on certificate ● HTTPS processing requires CPU power 24
  25. 25. www.glcnetworks.com Interested? Just come to our training... Special price for webinar attendees… http://www.glcnetworks.c om/main/schedule 25
  26. 26. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Slide: http://www.slideshare.net/r41nbuw ● Recording: https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg ● Stay tune with our schedule 26
  • kuya_gaya27

    Sep. 6, 2017
  • agixdota

    Sep. 5, 2017

In this webinar, we will discuss about the basic concept of security, confidentiality, encryption, symmetric and assymetric encryption, SSL certificate, and HTTPS. after that we discuss certificate feature on Mikrotik RouterOS, creating self-signed certificate, and import CA signed certificate to RouterOS. The recording is available on youtube (GLC Networks Channel): https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg

Views

Total views

3,498

On Slideshare

0

From embeds

0

Number of embeds

1,081

Actions

Downloads

102

Shares

0

Comments

0

Likes

2

×