At the very tail end of 2024, i was able to take the Certified Ethical Hacker course. It’s been on my bucket list for a while now. I’m still working through some of the labs before i take the second test (the practical exam), but i believe there might be value in talking about what i’ve seen so far.

The Course

I have no complaints about the course. There was a lot of information to be disseminated in a short period of time, around 250 slides per day plus a few practical exercises.

Too often do i hear my application admin coworkers and some sysadmins even, moan and grumble about certificates. People are always talking about TLS/SSL as if “no one understands this anyway” and “It’s a mystery to me”. I held a talk at my workplace recently where I attempted to demystify TLS/SSL a bit, and maybe someone out there would also be interested in that.

I’m no expert on TLS in any real sense, but i’ve been managing an internal PKI for a while now and looked into the protocol.