SSL Certificates - HTTPS, TLS and encryption explained

Digital certificates are the foundation of trust in modern IT systems — but how does that trust actually work, and where does it break down in practice?

In this training, you will gain a practical and in-depth understanding of TLS, PKI and digital certificates, and how they are used in real-world IT environments. You will learn how secure communication is established using HTTPS and TLS, and how X.509 certificates, certificate authorities and trust chains enable authentication and encryption.

You will walk step-by-step through the TLS handshake, understand how certificate chains are validated and how mutual TLS (mTLS) is used for strong service-to-service authentication. The focus is not only on how it works, but also on how it fails: misconfigurations, expired certificates and vulnerable implementations.

You will also learn how certificate management works in modern environments, including automation in DevOps pipelines, Infrastructure as Code (IaC) and Kubernetes platforms. This ensures you not only understand certificates, but can also manage them effectively at scale in production systems.

The training connects technical depth with practical application: you will learn how to apply certificates within secure architectures, including Zero Trust models.

The course material (slides) is in English and reflects real-world practices in modern IT organizations.
This training is available as classroom training and as e-learning. Classroom sessions can be attended on-site or virtually (via Microsoft Teams or Zoom). The e-learning is fully in English and includes English subtitles.

Our training is also delivered through selected international training partners, allowing participation outside the Netherlands. Contact us for current availability and locations.

Who should attend:
This training is designed for professionals working with security, infrastructure and modern IT architectures.

Typical participants include:

• DevOps and platform engineers
• Security engineers
• Solution and cloud architects
• IT professionals working with certificates, TLS and security

What you will learn:

• How TLS, PKI and digital certificates work in modern IT systems
• How TLS handshakes and certificate chains are structured and validated
• The role of X.509 certificates, certificate authorities and trust models
• How mutual TLS (mTLS) is used for strong authentication
• How trust is established — and where it can fail in practice
• Risks such as expired certificates, misconfigurations and weak key management
• Certificate management and automation in DevOps and Kubernetes environments
• How certificates are applied in Zero Trust and secure architectures

Results:
After this training, you will be able to:

• Understand how digital trust chains work in practice
• Assess and improve TLS configurations and certificate setups
• Identify and mitigate security risks related to certificates
• Implement and automate certificate management in modern environments
• Collaborate more effectively with security and platform teams
• Apply certificates as a core building block of secure architectures

Course Agenda

1. Encryption fundamentals: Understand the core concepts of encryption, including symmetric and asymmetric cryptography, keys, algorithms and how data is transformed from plaintext to ciphertext.
2. HTTPS, SSL and TLS explained: Learn how HTTPS works and how SSL/TLS secures communication on the internet, including confidentiality, integrity and authentication.
3. The TLS handshake: Step-by-step explanation of how a secure connection is established between client and server, including key exchange, certificates and session encryption.
4. Digital certificates and PKI: Understand how X.509 certificates work and how Public Key Infrastructure (PKI) establishes and maintains trust between systems.
5. Certificate authorities and trust chains: Learn how certificate authorities (CAs), root certificates and intermediate certificates form a chain of trust and how trust is validated.
6. Certificate validation and revocation: Understand how certificates are validated using CRL and OCSP, and what happens when certificates are expired, compromised or revoked.
7. Mutual TLS and authentication: Explore one-way TLS and mutual TLS (mTLS) and how certificates enable strong authentication between services, users and devices.
8. Certificate lifecycle and management: Learn how certificates are issued, deployed, rotated and managed in practice, including keystores, truststores and common certificate formats.
9. Security risks and real-world incidents: Identify common risks such as self-signed certificates, weak key management and misconfigurations, including lessons learned from incidents such as DigiNotar.
10. Automation and modern certificate management: Understand how automation, DevOps and Infrastructure as Code (IaC) are used to manage certificates at scale in modern environments, including Kubernetes platforms
11. Zero Trust and the role of certificates: Learn how certificates and encryption support Zero Trust architectures and secure service-to-service communication.
12. Best practices and future developments: Explore best practices for certificate management, compliance considerations and emerging topics such as post-quantum