Apache Lounge



Forum Index Downloads Search Register Log in  RSS Apache Lounge

Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.



A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.

OpenSSL Cookbook 2nd Edition Released :: Free ebook

Post new topic   Reply to topic    Apache Forum Index -> News & Hangout

View previous topic :: View next topic  
Author Message

Joined: 15 Oct 2005
Posts: 2676
Location: Hilversum, NL, EU

PostPosted: Tue 03 Mar '15 21:51    Post subject: OpenSSL Cookbook 2nd Edition Released :: Free ebook Reply with quote

Ivan (well known as original author of mod_security and SSL Labs) has updated his OpenSSL Cookbook ebook. With lots more content: private CA creation, secure server assessment, etc..

OpenSSL Cookbook is a free ebook built around two OpenSSL chapters from Bulletproof SSL and TLS, a larger work that teaches how to deploy secure servers and web applications. For the Bulletproof SSL and TLS book, see www.apachelounge.com/viewtopic.php?t=6139


See also the free books Apache Security & ModSecurity :

Really good books from Ivan. If you use SSL (and you should), read it! It contains you need to know/understand deploying SSL/TLS to secure servers and web applications. It is a comprehensive coverage of the ever-changing field of SSL/TLS.

Here’s a brief overview of what’s new:

New chapter Testing with OpenSSL, which focuses on secure server assessment.

New section Recommended Configuration, which contains a list of recommended cipher suites. I now prefer to configure OpenSSL by explicitly listing all the suites I wish to enable.

New section Creating a Private Certification Authority, which contains a step-by-step guide to creating and deploying a private CA. Updated SSL/TLS Deployment Best Practices to v1.4.

Important changes in this version include SHA1 deprecation and SSL 3 weaknesses (POODLE).

Back to top

Post new topic   Reply to topic    Apache Forum Index -> News & Hangout
Page 1 of 1