• Complain

Ivan Ristić - OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands

Here you can read online Ivan Ristić - OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2013, genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Ivan Ristić OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands
  • Book:
    OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands
  • Author:
  • Genre:
  • Year:
    2013
  • Rating:
    5 / 5
  • Favourites:
    Add to favourites
  • Your mark:
    • 100
    • 1
    • 2
    • 3
    • 4
    • 5

OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Comprehensive coverage of OpenSSL installation, configuration, and keyand certificate managementIncludes SSL/TLS Deployment Best Practices, a design and deployment guideWritten by a well-known practitioner in the field and the author of SSL Labs andthe SSL/TLS configuration assessment toolOpenSSL Cookbook is a free ebook built around one chapter from Bulletproof SSL/TLS and PKI, a larger work that provides complete coverage of SSL/TLS and PKI topics.

Ivan Ristić: author's other books


Who wrote OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands? Find out the surname, the name of the author of the book and a list of all author's works by series.

OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Preface

For all its warts, OpenSSL is one of the most successful and most important open source projects. Its successful because its so widely used; its important because the security of large parts of the Internet infrastructure relies on it. The project consists of a high-performance implementation of key cryptographic algorithms, a complete SSL/TLS and PKI stack, and a command-line toolkit. I think its safe to say that if your job has something to do with security, web development, or system administration, you cant avoid having to deal with OpenSSL on at least some level.

This book is intended primarily for OpenSSL users who need to perform routine tasks of key and certificate generation and configure programs that rely on OpenSSL for SSL/TLS functionality. The majority of the Internet is powered by open source products, and virtually all of those projects rely on OpenSSL. Apache httpd has long been a favorite, but its now being pursued by nginx, which is increasingly gaining in popularity. And, even in the Java camp, Apache Tomcat performs better when coupled with OpenSSL, replacing the native Java implementation of SSL/TLS.

This book isat least at the momentbuilt around a chapter from my third book, Bulletproof SSL/TLS and PKI. Im still writing it. Ive decided to make the OpenSSL chapter free because this very successful open source project is not very well documented and because the documentation that you can find on the Internet is often wrong and outdated. Thus, good documentation is in great demand.

Besides, publishers often give away one or more chapters in order to show what the book is like, and I thought I should make the most of it by not only making the OpenSSL chapter free, but also by committing to continue to maintain and improve it over time. I hope that the fates of OpenSSL Cookbook and Bulletproof SSL/TLS and PKI become closely intertwined, leading to more free content.

Feedback

Reader feedback is always very important, but especially so in this case, because this is a living book. In traditional publishing, often years pass before reader feedback goes back into the book, and then only if another edition actually sees the light of day (which often does not happen for technical books, because of the small market size). With this book, youll see new content appear in a matter of days. Ultimately, what you send to me will affect how the book will evolve.

The best way to contact me is to use my email address, ivanr@webkreator.com. Sometimes I may also be able to respond via Twitter, where you will find me at @ivanristic.

About Bulletproof SSL/TLS and PKI

Bulletproof SSL/TLS and PKI, the book that Im working on at the moment, is the book I wish I had back when I was starting to get involved with SSL. I dont remember when I started using SSL, but I do remember that when I was writing my first book, Apache Security, I began to appreciate the complexities of cryptography. I even began to like it. Before that point I thought that SSL was simple, but then I realized how vast the world of crypto actually is.

In 2009 I began to work on SSL Labs, and for me, the world of cryptography began to unravel. Fast-forward a couple of years, and in 2013 I still feel like Im only starting. Cryptography is a unique field in which the more you learn, the less you know.

In supporting the SSL Labs users over the years, Ive realized that theres a lot of documentation on SSL/TLS and PKI but also that it suffers from two problems: (1) its not documented in one place, so the little bits and pieces (e.g., RFCs) are difficult to find, and (2) it tends to be very detailed and low level. It took me years of work and study to begin to understand the entire ecosystem.

Bulletproof SSL/TLS and PKI aims to address the documentation gap, as a very practical book that first paints the whole picture and then proceeds to discuss the bits and pieces that you need in daily work, going as deep as needed to explain what you need to know.

About the Author

Ivan Risti is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools, and guides published on the SSL Labs web site.

He is the author of two books, Apache Security and ModSecurity Handbook, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community, and youll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. Hes currently Director of Application Security Research at Qualys.

Personal copy of gg ggg

OpenSSL Cookbook

OpenSSL is an open source project that consists of a cryptographic library and an SSL toolkit. From the projects web site:

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

OpenSSL is a de facto standard in this space and comes with a long history. The code initially began its life in 1995 under the name SSLeay,[] when it was developed by Eric A. Young and Tim J. Hudson. The OpenSSL project was born in the last days of 1998, when Eric and Tim stopped their work on SSLeay to work on a commercial SSL toolkit called BSAFE SSL-C at RSA Australia.

Today, OpenSSL is ubiquitous on the server side and in many client tools. Interestingly, browsers tend to use other libraries. The command-line tools provided by OpenSSL are most commonly used to manage keys and certificates.

OpenSSL is dual-licensed under OpenSSL and SSLeay licenses. Both are BSD-like, with an advertising clause. The license has been a source of contention for a very long time, because neither of the licenses is considered compatible with the GPL family of licenses. For that reason, you will often find that GPL-licensed programs favor GnuTLS.

Getting Started

If youre using one of the Unix platforms, getting started with OpenSSL is easy; youre virtually guaranteed to already have it on your system. The only problem that you might face is that you might not have the latest version. In this section, I assume that youre using a Unix platform, because thats the natural environment for OpenSSL.

Windows users tend to download binaries, which might complicate the situation slightly. In the simplest case, if you need OpenSSL only for its command-line utilities, the main OpenSSL web site links to Shining Light Productions for the Windows binaries. In all other situations, you need to ensure that youre not mixing binaries compiled under different versions of OpenSSL. Otherwise, you might experience crashes that are difficult to troubleshoot. The best approach is to use a single bundle of programs that includes everything that you need. For example, if you want to run Apache on Windows, you can get your binaries from the Apache Lounge.

Determine OpenSSL Version and Configuration

Before you do any work, you should know which OpenSSL version youll be using. For example, heres what I get for version information with openssl version on Ubuntu 12.04 LTS, which is the system that Ill be using for the examples in this chapter:

$ openssl versionOpenSSL 1.0.1 14 Mar 2012
Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands»

Look at similar books to OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands»

Discussion, reviews of the book OpenSSL Cookbook: A guide to the most frequently used OpenSSL features and commands and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.