6. Securing your application with HTTPS and Azure AD
HTTPS has become a necessity for any public-facing website. Not only does it improve the security of your website, but it is also becoming a requirement for new browser functionalities. HTTPS is a secure version of the HTTP protocol. HTTPS makes use of Transport Layer Security (TLS) certificates to encrypt traffic between an end user and a server, or between two servers. TLS is the successor to the Secure Sockets Layer (SSL). The terms TLS and SSL are often used interchangeably.
In the past, you needed to buy certificates from a certificate authority (CA), then set them up on your web server, and then renew them periodically. While that is still possible today, the Let's Encrypt service and helpers in Kubernetes make it very easy to set verified TLS certificates in your cluster. Let's Encrypt is a non-profit organization run by the Internet Security Research Group and backed by multiple companies. It...