• Complain

Ivan Ristić - OpenSSL Cookbook

Here you can read online Ivan Ristić - OpenSSL Cookbook full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2022, genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Ivan Ristić OpenSSL Cookbook

OpenSSL Cookbook: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "OpenSSL Cookbook" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

https://www.feistyduck.com/books/openssl-cookbook/

Ivan Ristić: author's other books


Who wrote OpenSSL Cookbook? Find out the surname, the name of the author of the book and a list of all author's works by series.

OpenSSL Cookbook — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "OpenSSL Cookbook" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Preface

For all its warts, OpenSSL is one of the most successful and most important open source projects. Its successful because its so widely used; its important because the security of large parts of the Internet infrastructure relies on it. The project consists of a high-performance implementation of key cryptographic algorithms, a complete TLS and PKI stack, and a command-line toolkit. I think its safe to say that if your job has something to do with security, web development, or system administration, you cant avoid having to deal with OpenSSL on at least some level. The majority of the Internet is powered by open source products, and most of them rely on OpenSSL.

This book covers two ways in which OpenSSL can be used. , focuses on server security testing using OpenSSL. Although sometimes time consuming, this type of low-level testing cant be avoided when you wish to know exactly whats going on.

Both chapters are borrowed from my larger work, called Bulletproof TLS and PKI. I decided to publish the OpenSSL chapters as a separate free book because there is a severe lack of good and easily available documentation. As is often true for complex and long-lived projects, the OpenSSL documentation you can find on the Internet is often wrong and outdated.

Besides, publishers often give away one or more chapters in order to show what the book is like, and I thought I should make the most of this practice by not only making the OpenSSL chapters free, but also by committing to continue to maintain and improve them over time. So here they are.

Feedback

Reader feedback is always very important, but especially so in this case, because this is a living book. In traditional publishing, often years pass before reader feedback goes back into the book, and then only if another edition actually sees the light of day (which often does not happen for technical books, because of the small market size). With this book, youll see new content appear in a matter of days. Ultimately, what you send to me will affect how the book will evolve.

The best way to contact me is to use my email address, ivanr@webkreator.com. Sometimes I may also be able to respond via Twitter, where you will find me under the handle @ivanristic.

Acknowledgments

This is a short book, but its packed with technical information. As a result, there are ample opportunities for mistakes. I am very grateful to Matt Caswell for his help in keeping the mistakes away. Matt, who is a member of the OpenSSL development team, joined me as technical reviewer for the third edition.

Various people have written to me with their thoughts and corrections. They, too, made this book better. I extend my thanks to Brian Howson, Christian Folini, Jeff Kayser, Martin Carpenter, Michael Reschly, Karsten Weiss, Olivier Levillain, and Stephen N. Henson.

My special thanks goes to my copyeditor, Melinda Rankin. She has been a pleasure to work with, as always.

About Bulletproof TLS and PKI

Bulletproof TLS and PKI is the book I wish I had back when I was starting to use SSL. I dont remember when that was exactly, but it was definitely very early on, back when you still had to patch Apache to get it to support SSL. What I do remember is how, in 2005, when I was writing my first book, Apache Security, I started to appreciate the complexities of cryptography. I even began to like it.

In 2009 I started to work on SSL Labs, and for me, the world of cryptography began to unravel. Fast-forward a decade, and in 2020 I am still learning. Cryptography is a unique field in which the more you learn, the less you know.

In supporting SSL Labs users over the years, I realized that there was a lot written on SSL/TLS and PKI, but that the material generally suffered from two problems: (1) all you need is not in one place, making the little bits and pieces (e.g., RFCs) difficult to find, and (2) most of it is too detailed and low level. Many documents are also obsolete. I tried to make sense of it all and it took me years of work and study to even begin to understand the ecosystem.

Bulletproof TLS and PKI addresses the documentation gap. Its a practical book that starts with a gentle introduction and a solid theory background, but then moves to discuss everything you need for your daily work. It also provides deep coverage of certain key aspects, for example protocol attacks. For those who want even more, there are hundreds of references to research papers and other external resources.

About the Author

Ivan Risti writes computer security books and builds security products. His book Bulletproof TLS and PKI, the result of more than a decade of research and study, is widely recognized as the de-facto SSL/TLS and PKI reference manual. His work on SSL Labs made hundreds of thousands of web sites more secure. Before that, he created ModSecurity, a leading open source web application firewall.

More recently, Ivan founded Hardenize, a platform for continuous security monitoring that provides free assessments to everyone. Hes a member of Lets Encrypts technical advisory board.

OpenSSL Command Line

OpenSSL is the worlds most widely used implementation of the Transport Layer Security (TLS) protocol. At the core, its also a robust and a high-performing cryptographic library with support for a wide range of cryptographic primitives. In addition to the library code, OpenSSL provides a set of command-line tools that serve a variety of purposes, including support for common PKI operations and TLS testing.

OpenSSL is a de facto standard in this space and comes with a long history. The code initially began its life in 1995 under the name SSLeay,[] when it was developed by Eric A. Young and Tim J. Hudson. OpenSSL as a separate project was born in 1998, when Eric and Tim decided to begin working on a commercial SSL/TLS toolkit called BSAFE SSL-C. A community of developers picked up the project and continued to maintain it.

Today, OpenSSL is ubiquitous on the server side and in many client programs. The command-line tools are also the most common choice for key and certificate management. When it comes to browsers, OpenSSL also has a substantial market share, albeit via Googles fork, called BoringSSL.

OpenSSL used to be dual-licensed under OpenSSL and SSLeay licenses. Both are BSD-like, with an advertising clause. With version 3.0, released in September 2021, OpenSSL simplified its licensing by moving to Apache License v2.0.

Getting Started

If youre using one of the Unix platforms, getting started with OpenSSL should be easy; youre virtually guaranteed to have it already installed on your system. Still, things could go wrong. For example, you could have a version thats just not right, or there could be other tools (e.g., LibreSSL) configured to respond when OpenSSL is invoked. For this reason, its best to first check what you have installed and resort to using a custom installation only if absolutely necessary. Another option is to look for a packaging platform. For example, for OS X you could use Brew or MacPorts. As always, compiling something from scratch once is rarely a problem; maintaining that piece of software indefinitely is.

In this chapter, I assume that youre using a Unix platform because thats the natural environment for OpenSSL. On Windows, its less common to compile software from scratch because the tooling is not readily available. You can still compile OpenSSL yourself, but it might take more work. Alternatively, you can consider downloading the binaries from the Shining Light Productions web site.[]

Determine OpenSSL Version and Configuration

Before you do any work, you should know which OpenSSL version youll be using. TLS and PKI continue to develop at a fairly rapid pace, and you may find that what you can do is limited if your version of OpenSSL doesnt support them. Heres what I get for version information with

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «OpenSSL Cookbook»

Look at similar books to OpenSSL Cookbook. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «OpenSSL Cookbook»

Discussion, reviews of the book OpenSSL Cookbook and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.