Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.
The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a “man in the middle” attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.
This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.
In this tutorial yo0u will learn about Installing SSL Certificate (Secure Server Certificate) to secure communication between Postfix SMTP server and mail client such as Outlook or Thunderbird.
If you are testing an application (web based) or just want secure login page for your application, you can create a self signed SSL Certificates. I have already explained the procedure for installing real third party signed SSL certificate. Procedure is as follows: Step # 1: Create self signed SSL Certificates Create a directory to […]
Lighttpd ssl / Lighttpd Https Tutorial – Explains how to create a SSL certificate under Lighttpd web server and install the same including certificate issued by Certification Authority (CA).
From my mailbag: Q. How do I password protect files? Linux and other Unixish oses offers strong file permissions and ACL (access control list) concept in Linux/UNIX computer security used to enforce privilege separation. However, none of them offers a password to protect files. You can use GNU gpg (GNU Privacy Guard) encryption and signing […]