Web Security · March 28, 2026 · 12 min read

SSL/TLS Certificates Explained: HTTPS Security for Every Website

Understand how SSL/TLS certificates encrypt web traffic, the types available, and how to verify and troubleshoot your certificate.


SSL/TLS certificates are the backbone of encrypted web communication, authenticating server identity and protecting data in transit. With over 95% of web traffic now encrypted via HTTPS, understanding certificate types, the TLS 1.3 handshake, certificate chains, and common pitfalls is essential for every developer and sysadmin. This guide covers the full lifecycle — from issuance to renewal — with practical tooling.

What Is SSL/TLS?

Transport Layer Security (TLS) — the successor to the deprecated SSL protocol — provides encryption, authentication, and integrity for data transmitted between clients and servers. As of 2024, TLS 1.3 accounts for over 60% of all encrypted connections, with TLS 1.2 covering most of the remainder. SSL 2.0 and 3.0 are insecure and prohibited (RFC 6176 and RFC 7568) and must never be enabled; TLS 1.0 and 1.1 were formally deprecated by RFC 8996 in 2021.

📖 Definition — A digital certificate is a digitally signed document that binds a public key to an identity (domain, organization). It is issued by a Certificate Authority (CA) after validating ownership.

The TLS 1.3 Handshake

TLS 1.3 (defined in RFC 8446) reduces the full handshake from two round-trips to one (1-RTT), and supports 0-RTT resumption for returning clients, dramatically reducing latency. 0-RTT early data is not replay-protected, however: an attacker who captures the client's first flight can replay it, so a server should accept only idempotent requests in early data.

ClientHello — Client sends its supported cipher suites and signature algorithms, key shares for its preferred (EC)DHE groups, a random nonce, and the server name (SNI).

ServerHello — Server picks a cipher suite and one of the offered groups and returns its own key share; both sides now derive handshake keys, and every later handshake message is encrypted.

Server Parameters & Certificate — Server sends EncryptedExtensions, its certificate chain, and a CertificateVerify signature over the handshake transcript made with the certificate's private key, proving it actually holds that key.

Finished — Server sends Finished; the client validates the chain, the signature and the Finished MAC, sends its own Finished, and both sides derive application keys. Application data flows immediately.

💡 TLS 1.3 removed the weak and legacy algorithms: static RSA key exchange (no forward secrecy), CBC-mode ciphers, RC4, DES, 3DES, and MD5/SHA-1 signatures are all gone. Only AEAD ciphers remain (AES-GCM, AES-CCM, ChaCha20-Poly1305), always with ephemeral (EC)DHE. This applies to the TLS 1.3 suites only: a server that also offers TLS 1.2 still has to curate its 1.2 cipher list.
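To see those four steps produce a session, here is an added Go example (not code from the original article) that runs an in-process TLS 1.3 client and server on 127.0.0.1 with a throwaway self-signed certificate and reports what the client negotiated. It also shows resumption (the second connection presents the session ticket received on the first) and what happens when a client that insists on TLS 1.3 meets a server capped at TLS 1.2. The host name example.com, the loopback listener and the self-signed certificate are assumptions made for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSignedCert builds an in-memory ECDSA P-256 certificate for host.
// Assumption: a throwaway self-signed leaf is enough to observe the handshake;
// a real server presents a CA-issued chain.
func selfSignedCert(host string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// Result records what the client observed once its handshake completed.
type Result struct {
	Version     uint16 // negotiated protocol version (tls.VersionTLS13 = 0x0304)
	CipherSuite uint16 // negotiated suite; under TLS 1.3 always an AEAD suite
	Resumed     bool   // true when a ticket from an earlier connection was used
}

// Connect runs `rounds` connections from one client against one server on
// 127.0.0.1 and returns what the last one negotiated. serverMax caps the
// server's protocol version and clientMin is the client's floor, so a version
// mismatch can be provoked deliberately.
func Connect(serverMax, clientMin uint16, rounds int) (Result, error) {
	cert, err := selfSignedCert("example.com")
	if err != nil {
		return Result{}, err
	}
	leaf, _ := x509.ParseCertificate(cert.Certificate[0])
	pool := x509.NewCertPool()
	pool.AddCert(leaf) // the client trusts exactly this one certificate

	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{cert},
		MaxVersion:   serverMax,
	})
	if err != nil {
		return Result{}, err
	}
	defer ln.Close()
	go func() { // server side: accept, complete the handshake, send one line, close
		for {
			c, err := ln.Accept()
			if err != nil {
				return
			}
			c.SetDeadline(time.Now().Add(5 * time.Second))
			c.Write([]byte("hello\n")) // Write runs the handshake first
			c.Close()
		}
	}()

	clientCfg := &tls.Config{
		ServerName:         "example.com",
		RootCAs:            pool,
		MinVersion:         clientMin,
		ClientSessionCache: tls.NewLRUClientSessionCache(8), // keeps NewSessionTicket
	}
	var res Result
	for i := 0; i < rounds; i++ {
		raw, err := net.DialTimeout("tcp", ln.Addr().String(), 5*time.Second)
		if err != nil {
			return Result{}, err
		}
		raw.SetDeadline(time.Now().Add(5 * time.Second))
		cli := tls.Client(raw, clientCfg)
		if err := cli.Handshake(); err != nil {
			raw.Close()
			return Result{}, err
		}
		// Reading application data also consumes the post-handshake
		// NewSessionTicket, which is what makes the next round resumable.
		buf := make([]byte, 16)
		if _, err := cli.Read(buf); err != nil {
			raw.Close()
			return Result{}, err
		}
		st := cli.ConnectionState()
		res = Result{Version: st.Version, CipherSuite: st.CipherSuite, Resumed: st.DidResume}
		cli.Close()
	}
	return res, nil
}

func main() {
	r, err := Connect(tls.VersionTLS13, tls.VersionTLS13, 2)
	fmt.Printf("version=%#x suite=%s resumed=%v err=%v\n",
		r.Version, tls.CipherSuiteName(r.CipherSuite), r.Resumed, err)
	_, err = Connect(tls.VersionTLS12, tls.VersionTLS13, 1)
	fmt.Println("server capped at TLS 1.2 vs client floor TLS 1.3:", err)
}
```

The mismatch case is the failure you get in the wild when a hardened client meets a server that was never upgraded: the server answers the ClientHello with a protocol_version alert and no session is established. Swap the two versions around and the client is the one refusing the downgrade, which is the behaviour the "TLS 1.2 minimum, no 1.0/1.1" rule below relies on.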

Certificate Types

Type                        | Validation                        | Use case                     | Issuance time
DV (Domain Validated)       | Domain control only               | Blogs, personal sites, APIs  | Minutes
OV (Organization Validated) | Domain + organization identity    | Business websites            | 1–3 days
EV (Extended Validation)    | Rigorous legal/physical checks    | Banks, e-commerce            | 1–2 weeks
Wildcard                    | Covers *.example.com (DV or OV)   | Multi-subdomain projects     | Varies

All four give identical encryption. Browsers dropped the distinct EV address-bar indicator in 2019, so OV and EV buy an audited identity record for the certificate, not a stronger TLS connection.

⚠️ Wildcard certificates cover only one level of subdomain. *.example.com covers api.example.com but NOT v2.api.example.com, and not the bare example.com unless it is listed as a separate SAN. Let's Encrypt issues wildcards only through the DNS-01 challenge, so automating them needs API access to your DNS provider.

Certificate Chain of Trust

A certificate chain links your server's leaf certificate to a trusted root CA via one or more intermediate CAs. Browsers and OS trust stores contain root CAs; the server must send the intermediates.

Leaf Certificate  (your domain)
    ↓  signed by
Intermediate CA   (e.g., R11 — Let's Encrypt)
    ↓  signed by
Root CA           (e.g., ISRG Root X1 — in trust stores)

🚫 Never serve only the leaf certificate without intermediates. OpenSSL-based clients report "unable to verify the first certificate", while Chrome, Safari and Windows often fetch the missing intermediate through the leaf's AIA URL (and Firefox ships a preloaded set of known intermediates), so the site looks fine in the desktop browser you tested with and fails for curl, Android apps, Java clients and monitoring probes. Serve the chain in order, leaf first, then the intermediates (Certbot's fullchain.pem); the root itself is not needed.
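The diagram above and the wildcard caveat in the certificate-types table are easiest to internalize by building such a chain and watching verification fail. The following Go example is added here and is not the article's or Let's Encrypt's code: it mints a constructed root, intermediate and *.example.com leaf in memory, then plays the client with a trust store containing only the root. The CA names, the 90-day leaf lifetime and the host names are assumptions for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// issue signs the certificate described by tmpl with the parent's key, or with
// its own fresh key when parent is nil (a self-signed root), and returns the
// parsed certificate together with its private key.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Chain is a constructed three-tier hierarchy mirroring the diagram above:
// leaf (*.example.com) <- intermediate CA <- root CA. The names are
// placeholders, not a real CA's certificates.
type Chain struct {
	Root, Intermediate, Leaf *x509.Certificate
}

// BuildChain issues the three certificates with validity starting at now.
func BuildChain(now time.Time) (*Chain, error) {
	caTmpl := func(serial int64, cn string, pathLen int) *x509.Certificate {
		return &x509.Certificate{
			SerialNumber:          big.NewInt(serial),
			Subject:               pkix.Name{CommonName: cn},
			NotBefore:             now.Add(-time.Hour),
			NotAfter:              now.Add(10 * 365 * 24 * time.Hour),
			IsCA:                  true,
			BasicConstraintsValid: true,
			MaxPathLen:            pathLen,
			MaxPathLenZero:        pathLen == 0,
			KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		}
	}
	root, rootKey, err := issue(caTmpl(1, "Example Root CA", 1), nil, nil)
	if err != nil {
		return nil, err
	}
	inter, interKey, err := issue(caTmpl(2, "Example Intermediate CA", 0), root, rootKey)
	if err != nil {
		return nil, err
	}
	leaf, _, err := issue(&x509.Certificate{
		SerialNumber: big.NewInt(3),
		Subject:      pkix.Name{CommonName: "*.example.com"},
		DNSNames:     []string{"*.example.com", "example.com"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(90 * 24 * time.Hour), // 90-day leaf, like Let's Encrypt issues
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}, inter, interKey)
	if err != nil {
		return nil, err
	}
	return &Chain{Root: root, Intermediate: inter, Leaf: leaf}, nil
}

// Verify plays the client: it trusts only the root, is handed whatever
// intermediates the server chose to send, and checks the leaf for host at now.
func (c *Chain) Verify(host string, serverSentIntermediate bool, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(c.Root)
	inters := x509.NewCertPool()
	if serverSentIntermediate {
		inters.AddCert(c.Intermediate)
	}
	_, err := c.Leaf.Verify(x509.VerifyOptions{
		DNSName:       host,
		Roots:         roots,
		Intermediates: inters,
		CurrentTime:   now,
		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// IsUnknownAuthority is the "broken chain" failure a client reports when the
// server omitted its intermediate.
func IsUnknownAuthority(err error) bool {
	var e x509.UnknownAuthorityError
	return errors.As(err, &e)
}

// IsHostnameMismatch is a SAN/wildcard mismatch.
func IsHostnameMismatch(err error) bool {
	var e x509.HostnameError
	return errors.As(err, &e)
}

// IsExpired is a validity-period failure.
func IsExpired(err error) bool {
	var e x509.CertificateInvalidError
	return errors.As(err, &e) && e.Reason == x509.Expired
}

func main() {
	now := time.Now()
	ch, err := BuildChain(now)
	if err != nil {
		panic(err)
	}
	fmt.Println("api.example.com, full chain:  ", ch.Verify("api.example.com", true, now))
	fmt.Println("v2.api.example.com (2 levels):", ch.Verify("v2.api.example.com", true, now))
	fmt.Println("leaf only, no intermediate:   ", ch.Verify("api.example.com", false, now))
	fmt.Println("91 days later:                ", ch.Verify("api.example.com", true, now.Add(91*24*time.Hour)))
}
```

Three of the four checks fail, each with a different error type, and those are exactly the three rows you will meet most often in a TLS troubleshooting ticket: a two-level name under a wildcard, a server that forgot its intermediate, and a certificate nobody renewed.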

OCSP & Revocation

When a private key is compromised (or a domain changes hands), the certificate must be revoked so clients stop accepting it before it expires. Two mechanisms exist:

  • CRL (Certificate Revocation List) — A signed, downloadable list of revoked serial numbers published by the CA. Can be large; browsers now consume CRLs in aggregated form (Chrome's CRLSets, Firefox's CRLite) rather than fetching each CA's list per connection.
  • OCSP (Online Certificate Status Protocol) — A per-certificate status query to the CA's responder. Unstapled, it adds a round-trip, leaks every site a user visits to the CA, and is soft-fail in practice: a client that cannot reach the responder usually proceeds anyway.

If your CA runs an OCSP responder, enable OCSP Stapling on your server. The server fetches the signed OCSP response periodically and sends it during the TLS handshake, so the client never contacts the CA — better privacy and performance. Check the certificate's Authority Information Access extension for an OCSP URL first: Let's Encrypt ended its OCSP service in 2025 and publishes revocation only via CRLs, so stapling does nothing for those certificates.

# Nginx — enable OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# CA bundle (intermediates and root, PEM) used to verify the stapled response;
# without it ssl_stapling_verify cannot validate the responder's signature
ssl_trusted_certificate /etc/ssl/certs/example.com-chain.pem;   # example path
resolver 1.1.1.1 8.8.8.8 valid=300s;   # needed to look up the OCSP responder
resolver_timeout 5s;

HSTS — HTTP Strict Transport Security

HSTS tells a browser that has seen the header once over HTTPS to use HTTPS only for your domain for max-age seconds: http:// links are rewritten before any request leaves the browser, and certificate errors can no longer be clicked through. That defeats SSL-stripping downgrade attacks and the session-cookie theft they enable, but only after the first HTTPS visit; preloading (below) closes that gap.

# Nginx header
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

🎯 Submit your domain to the HSTS Preload List (hstspreload.org) to have browsers enforce HTTPS before the first visit. Requirements: a valid certificate, HTTP on the apex redirecting to HTTPS on the same host, and the HSTS header on the HTTPS apex with max-age ≥ 31536000 (1 year), includeSubDomains, and preload. Because includeSubDomains covers every subdomain, including internal ones that may not serve HTTPS, and removal from the list takes browser release cycles, roll out with a short max-age first and preload only once everything under the domain works over HTTPS.
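As an added example (not from the original article), here is the same policy as an application-level middleware in Go, useful when the app terminates TLS itself or sits behind a reverse proxy. It redirects plain-HTTP requests to the https:// URL with a 301 and attaches the HSTS header only to HTTPS responses, because RFC 6797 requires browsers to ignore the header on a plain-HTTP response. The probe uses net/http/httptest so it runs without a socket; the host example.com and trusting X-Forwarded-Proto from a front proxy are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// HSTSValue mirrors the Nginx header above: two years, all subdomains,
// eligible for the preload list.
const HSTSValue = "max-age=63072000; includeSubDomains; preload"

// EnforceHTTPS wraps next so that plain-HTTP requests get a permanent redirect
// to the same URL over https and HTTPS responses carry the HSTS header. The
// header is deliberately not sent on HTTP responses: browsers must ignore it
// there (RFC 6797), so sending it only advertises the policy to an attacker.
func EnforceHTTPS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !isHTTPS(r) {
			target := "https://" + r.Host + r.URL.RequestURI()
			http.Redirect(w, r, target, http.StatusMovedPermanently)
			return
		}
		w.Header().Set("Strict-Transport-Security", HSTSValue)
		next.ServeHTTP(w, r)
	})
}

// isHTTPS trusts r.TLS (this process terminated TLS) or X-Forwarded-Proto set
// by a reverse proxy. Assumption: only the proxy can reach this process;
// otherwise that header is attacker-controlled and must not be consulted.
func isHTTPS(r *http.Request) bool {
	if r.TLS != nil {
		return true
	}
	return strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https")
}

// Probe drives one request through the middleware and returns the status,
// Location and HSTS header. httptest.NewRequest marks https:// targets as
// TLS-terminated, so both branches can be exercised without a listener.
func Probe(method, rawURL string) (status int, location, hsts string) {
	h := EnforceHTTPS(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, "ok")
	}))
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(method, rawURL, nil))
	return rec.Code, rec.Header().Get("Location"), rec.Header().Get("Strict-Transport-Security")
}

func main() {
	s, loc, hsts := Probe("GET", "http://example.com/login?next=/account")
	fmt.Printf("http  -> %d Location=%q HSTS=%q\n", s, loc, hsts)
	s, loc, hsts = Probe("GET", "https://example.com/login?next=/account")
	fmt.Printf("https -> %d Location=%q HSTS=%q\n", s, loc, hsts)
}
```

Note that the redirect preserves path and query string, so a deep link shared over http:// still lands on the right page, and that the constructed plain-HTTP request gets no HSTS header at all, which is the correct, standards-conforming behaviour rather than an omission.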

Certbot & Automation

Certbot is the EFF's ACME client, the one Let's Encrypt recommends, for obtaining and renewing free Let's Encrypt certificates (it works with any ACME-compatible CA).

# Install and obtain a certificate (Nginx)
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d example.com -d www.example.com

# The package installs a systemd timer (or cron job) that runs "certbot renew"
# twice a day; confirm it is active, then rehearse a renewal without changing anything
systemctl status certbot.timer
sudo certbot renew --dry-run

💡 Let's Encrypt certificates are valid for 90 days. certbot renew skips certificates with more than 30 days left and renews the rest, so the timer effectively renews from about day 60. Always test with --dry-run first. The --nginx plugin reloads Nginx after a renewal; if you obtained the certificate with the webroot or standalone plugin instead, add --deploy-hook "systemctl reload nginx" so the running server actually picks up the new file.

Best Practices

Offer TLS 1.3 and keep TLS 1.2 only for the clients that still need it. Disable TLS 1.0 and 1.1 entirely (both deprecated by RFC 8996).

Enable OCSP Stapling where your CA still runs an OCSP responder, and configure a working resolver.

Deploy HSTS with a long max-age and consider preloading.

Prefer ECDSA P-256 keys: smaller certificates and faster handshakes than RSA 2048 at comparable strength. Serve an RSA certificate alongside only if legacy clients require it.

Automate renewal and monitor expiry; an expired certificate is an outage.

Redirect all HTTP traffic to HTTPS with a 301 redirect.

Common Mistakes

Mistake                                         | Impact                                                                          | Fix
Missing intermediate certificate                | Broken chain on clients that don't fetch it via AIA (curl, mobile, monitoring)  | Serve the full chain (leaf + intermediates) in the certificate file
Expired certificate                             | Browser security warnings, lost trust, failing API clients                      | Automate renewal with Certbot and monitor expiry
Mixed content (HTTP resources on an HTTPS page) | Browser blocks or upgrades insecure resources; page may break                   | Use https:// URLs; add Content-Security-Policy: upgrade-insecure-requests as a backstop
Allowing TLS 1.0/1.1                            | Legacy CBC suites exposed to BEAST and padding-oracle attacks; deprecated by RFC 8996 | Set ssl_protocols TLSv1.2 TLSv1.3;
Weak cipher suites                              | RC4, 3DES, export or non-forward-secret suites open to known attacks and downgrade | Use the Mozilla SSL Configuration Generator

Modern TLS is non-negotiable. Use TLS 1.3 with AEAD ciphers, automate certificate management with Certbot, serve the full certificate chain, enable OCSP Stapling, and enforce HTTPS via HSTS. A misconfigured certificate erodes user trust faster than almost any other infrastructure issue.
