Qualys: SSL/TLS Deployment Best Practices
Qualys has posted a great PDF outlining SSL/TLS deployment best practices.
SSL/TLS is a deceptively simple technology. It is easy to deploy, and it just works . . . except that it does not, really. The first part is true—SSL is easy to deploy—but it turns out that it is not easy to deploy correctly. To ensure that SSL provides the necessary security, users must put more effort into properly configuring their servers.