Advanced SSL

Certificate transparency, mTLS, SSL inspection, pinning, wildcard and SAN certificates, and other advanced topics.

Beyond basic HTTPS, SSL/TLS powers mutual authentication (mTLS), certificate transparency logging, traffic inspection, and more. These articles cover advanced topics for teams managing complex certificate infrastructures.

For a comprehensive overview, see our The Complete SSL/TLS Guide.

Certificate Transparency Logs Explained

What Certificate Transparency is, how CT logs work, how to search them for unauthorized certificates, and why Chrome requires CT compliance for all publicly trusted certificates.

Read more

SSL Certificate Revocation: CRL and OCSP Explained

How SSL certificate revocation works, including CRL and OCSP mechanisms, OCSP stapling, CRLite, browser soft-fail vs hard-fail behavior, and how to check revocation status.

Read more

SSL Inspection: How It Works and Security Implications

How SSL/TLS inspection works, why organizations use it, the security tradeoffs of breaking end-to-end encryption, and when it makes sense vs when it doesn't.

Read more

What Is SSL Inspection?

How SSL/TLS inspection works, why organizations use it, and the security and privacy trade-offs. Also known as TLS interception or SSL decryption.

Read more

mTLS (Mutual TLS) Explained

What mutual TLS is, how it differs from standard TLS, how the mTLS handshake works, use cases like zero trust and service mesh, and how mTLS compares to API keys and OAuth.

Read more

SSL Pinning Explained: What It Is and When to Use It

What SSL/certificate pinning is, how certificate and public key pinning work, why HPKP was deprecated, how mobile apps implement pinning, and when pinning helps vs hurts.

Read more

Self-Signed SSL Certificates: When to Use Them

What self-signed SSL certificates are, when they're appropriate, and when they'll cause problems. Development, testing, and internal use cases.

Read more

SSL Certificates for Localhost and Development

How to set up SSL certificates for localhost and local development environments. Covers mkcert, self-signed certificates, and why HTTPS matters in development.

Read more

Wildcard SSL Certificates Explained

How wildcard SSL certificates work, when to use them, their limitations, and why they can be a security risk. Plus: alternatives to wildcards.

Read more

SAN Certificates: Multi-Domain SSL Explained

What SAN certificates are, how Subject Alternative Names work, when to use multi-domain certificates, and how they compare to wildcard certificates.

Read more