Tag Archives: openssl

SSL Interception: troubleshooting

Intro SSl Interception is a reality at some larger companies. From a security perspective it is vital as it permits you to extend your AV scanning, botnet detection, 0-day, DLP, cloud security, etc to your https traffic which is normally … Continue reading

Posted in Network Technologies, Web Site Technologies | Tagged , , , | Leave a comment

drjohnstechtalk.com is now an encrypted web site

Intro I don’t overtly chase search engine rankings. I’m comfortable being the 2,000,000th most visited site on the Internet, or something like that according to alexa. But I still take pride in what I’m producing here. So when I read … Continue reading

Posted in Admin, Apache, CentOS, Security | Tagged , , , , , , , | Leave a comment

The IT Detective Agency: strange ssl error explained

Intro Fromm time-to-time I get an unusual ssl error when using curl to check one of my web sites. This post documents the error and how I recovered from it. The details I was bringing up a new web site … Continue reading

Posted in Admin | Tagged , , | Leave a comment

My favorite openssl commands

Intro openssl is available on almost every operating system. It’s a great tool if you work with certificates regularly, or even occasionally. I want to document some of the commands I use most frequently. The details Convert PEM CERTs to … Continue reading

Posted in Admin, Security | Tagged , , , , , | 1 Comment

The Basics of How to Work with Cipher Settings

December, 2014 Update With some tips for making your server POODLE-proof, and 2016 update to deal with OpenSSL Padding Oracle Vulnerability CVE-2016-2107 Intro We got audited. There’s always something they catch, right? But I actually appreciate the thoroughness of this … Continue reading

Posted in Admin, Apache, IT Operational Excellence, Security | Tagged , , , , , , , , , , , , , , | 15 Comments