Create a tutorial covering the following topics
-
Set up a webserver supporting HTTPS with perfect forward secrecy.
For the server certificate, you can use free certificates, such as the Let's encrypt certificate. Connect to the web server with your web browser and make sure that it is using the encryption mode that satisfies perfect forward secrecy. Also, please introduce the ACME protocol in your tutorial.
-
Self-signed certificate
Generate a self-signed server certificate (i.e., you sign the certificate with your own private key) and install the certificate to your web server and your web browser. Make sure the web browser will trust the server certificate without showing any warning message on the HTTPS connection.
-
Use man-in-the-middle to decrypt HTTPS encryption
Set up a man-in-the-middle proxy (e.g., mitmproxy) to intercept & decrypt a HTTPS connectoin (e.g., a connection to www.gmail.com).