secure sockets layer

Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.

The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a “man in the middle” attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.

This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.

{ 2 comments }

In this tutorial yo0u will learn about Installing SSL Certificate (Secure Server Certificate) to secure communication between Postfix SMTP server and mail client such as Outlook or Thunderbird.

{ 16 comments }

If you are testing an application (web based) or just want secure login page for your application, you can create a self signed SSL Certificates. I have already explained the procedure for installing real third party signed SSL certificate. Procedure is as follows: Step # 1: Create self signed SSL Certificates Create a directory to […]

{ 9 comments }

Lighttpd logo

Lighttpd ssl / Lighttpd Https Tutorial – Explains how to create a SSL certificate under Lighttpd web server and install the same including certificate issued by Certification Authority (CA).

{ 15 comments }

From my mailbag: Q. How do I password protect files? Linux and other Unixish oses offers strong file permissions and ACL (access control list) concept in Linux/UNIX computer security used to enforce privilege separation. However, none of them offers a password to protect files. You can use GNU gpg (GNU Privacy Guard) encryption and signing […]

{ 3 comments }