logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



OpenSSL Cookbook 2nd Edition Released :: Free ebook

 
Post new topic   Reply to topic    Apache Forum Index -> News & Hangout



View previous topic :: View next topic  
Author Message
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Tue 03 Mar '15 21:51    Post subject: OpenSSL Cookbook 2nd Edition Released :: Free ebook Reply with quote

Ivan (well known as original author of mod_security and SSL Labs) has updated his OpenSSL Cookbook ebook. With lots more content: private CA creation, secure server assessment, etc..

OpenSSL Cookbook is a free ebook built around two OpenSSL chapters from Bulletproof SSL and TLS, a larger work that teaches how to deploy secure servers and web applications. For the Bulletproof SSL and TLS book, see www.apachelounge.com/viewtopic.php?t=6139


https://community.qualys.com/blogs/securitylabs/2015/03/03/openssl-cookbook-2nd-edition-released


See also the free books Apache Security & ModSecurity :
www.apachelounge.com/viewtopic.php?t=6431


Really good books from Ivan. If you use SSL (and you should), read it! It contains you need to know/understand deploying SSL/TLS to secure servers and web applications. It is a comprehensive coverage of the ever-changing field of SSL/TLS.

Here’s a brief overview of what’s new:

New chapter Testing with OpenSSL, which focuses on secure server assessment.

New section Recommended Configuration, which contains a list of recommended cipher suites. I now prefer to configure OpenSSL by explicitly listing all the suites I wish to enable.

New section Creating a Private Certification Authority, which contains a step-by-step guide to creating and deploying a private CA. Updated SSL/TLS Deployment Best Practices to v1.4.

Important changes in this version include SHA1 deprecation and SSL 3 weaknesses (POODLE).


Steffen
Back to top


Post new topic   Reply to topic    Apache Forum Index -> News & Hangout
Page 1 of 1