Analysis of free SSL/TLS Certificates and their implementation as Security Mechanism in Application Servers.


  • Mario E. Cueva Hurtado Universidad Nacional de Loja
  • Diego Javier Alvarado Sarango Universidad Nacional de Loja



Security, Certificates SSL/TLS, Certifying Authority, Vulnerabilities, X.509, Kali Linux.


Security in the application layer (SSL), provides the confidentiality, integrity, and authenticity of the data, between two applications that communicate with each other. This article is the result of having implemented Free SSL / TLS Certificates in application servers, determining the relevant characteristics that must have a SSL/TLS certificate, the Certifying Authority generate it. A vulnerability analysis is developed in application servers and encrypted communications channel is established to protect against attacks such as man in the middle, phishing and maintaining the integrity of information that is transmitted between the client and server.



Download data is not yet available.


Clark, J., & Van Oorschot, P. C. (2013). SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements. Proceedings - IEEE Symposium on Security and Privacy, 511–525.
Durumeric, Z., & Kasten, J. (2013). Analysis of the HTTPS certificate ecosystem. Proceedings of the 2013 …, 291–304.
Enrique, M., Hurtado, C., Javier, D., Sarango, A., Gustavo, R., Díaz, F., & Torres, H. (n.d.). Revisión Sistemática de Certificados SSL / TLS como Mecanismo de Seguridad en Servidores de Aplicación.
Kitchenham, B. (2004). Procedures for performing systematic reviews. Keele, UK, Keele University, 33(TR/SE-0401), 28.
Markovi, M. (2007). Data protection techniques, cryptographic protocols and PKI systems in modern computer networks. 2007 IWSSIP and EC-SIPMCS - Proc. 2007 14th Int. Workshop on Systems, Signals and Image Processing, and 6th EURASIP Conf. Focused on Speech and Image Processing, Multimedia Communications and Services, 13–24.
Mu, F., Zhang, J., Du, J., & Lin, J. (2011). Application of the Secure Transport SSL Protocol in Network Communication.
Ordean, M., & Giurgiu, M. (2010). Implementation of a security layer for the SSL/TLS protocol. 2010 9th International Symposium on Electronics and Telecommunications, ISETC’10 - Conference Proceedings, 209–212.
Riffo, M. A. (2008). Vulnerabilidades de las Redes TCP/IP y Principales Mecanismos de Seguridad. In Vitro, 3(2), 1–23. Retrieved from
Subías, M. P. (n.d.). Desfalcos por “Phishing,” 25–26. Retrieved from
Wagner, D., & Schneier, B. (1996). Analysis of the SSL 3.0 protocol. Proceedings of the 2nd Conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2, 4.



How to Cite

Cueva Hurtado, M. E., & Alvarado Sarango, D. J. (2017). Analysis of free SSL/TLS Certificates and their implementation as Security Mechanism in Application Servers. Enfoque UTE, 8(1), pp. 273 - 286.