SSL/TLS Deployment Best Practises

SSL/TLS is deceptively simple. While it seems like it is easy to deploy, that’s not always the case. LAWtrust SSL Experts have thoroughly reviewed the SSL/TLS deployment process and wish to offer you our best practices so you can spend the minimum amount of time possible on deployment and maintenance while still achieving the maximum results for your organization.

There are many risks that come with the implementation of security using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol. Attacks can be formulated against the SSL/TLS protocol, the protocol may have been designed improperly by the server vendor, the certification authority (CA) could be attacked or you may implement SSL/TLS improperly on your server. 

The Trustworthy Internet Movement surveys about 200,000 sites each month, grades them and ranks them by status through their SSL Pulse. Nearly a quarter of the protected sites receive an F. 

These sites support SSL 2.0 and SSL 3.0, have insecure cipher suites, have small keys and support RC4. 

The issues with the poorly graded sites are not system defects; they are the result of improper configuration and deployment.

At LAWtrust we aim to provide you with tips and hints and expert deployment knowledge.  All while encouraging you to take an Always-On SSL approach and recommend you acquire your certificatesfrom a reliable CA. 

The SSL/TLS Deployment Best Practices approach details all of the areas that should be deployed properly and regularly monitored and maintained when deploying SSL/TLS:


Contact our team of SSL experts if you need any advise with your next certificate install, we are here to help


Phone: +27 (12) 676 9240