Transport Layer Security (TLS) is the most important cryptographic protocol on the Internet. It is responsible for securing connections between browsers and web servers, or between web services peers. However, recent TLS history is full of new attacks, which makes it difficult do deploy applications securely. In this training, we give an overview of the most important TLS attacks, and show how to detect these attacks with different tools. Afterwards, we present best practices to establish secure TLS connections. Contents Short intro into crypto Internet protocol suite TLS protocol Certificates TLS attacks TLS implementations Secure TLS configuration Security evaluation with specific tools Training attendees The training is dedicated to server administrators as well as penetration testers. There are no specific prerequisites for this course. However, basic knowledge of server administration or basic crypto knowledge would be of advantage. Requirements A laptop with a recent version of Virtual Box