This is a beginner’s overview of how authentication in SSL/TSL works (which by now should be called TLS certificates, but old habits die hard), it is also a short tutorial on how to generate SSL/TLS certificates using OpenSSL, either self-signed or signed by a CA.

As a disclaimer, getting security wrong is very easy, and I’m not an expert. If your systems handle anything vital such as credit card information (1), payments (2), personal information (3), weapons systems (4), etc (5), then hire an expert, use already available services, and reuse libraries from reputable sources. This tutorial is NOT going…