Nginx – Hardening SSL security by protecting from well-known attack vectors

Published on Author gryzliLeave a comment

Recently bunch of SSL attacks pop out, some of which get lot of public attention: Heartbleed Beast attack Crime attack Freak attack Poodle …..and so on ….   Disabling SSLv3 and SSLv2 and Excluding Weak Cipher-Suites   If you want to protect your Nginx from the biggest part of these attacks, you can add the… Continue reading Nginx – Hardening SSL security by protecting from well-known attack vectors

Creating Root SSL Authority with OpenSSL

Published on Author gryzliLeave a comment

1. Create directory structure mkdir certificates private_keys echo ‘100001’ >serial touch certindex.txt   2. Create some default openssl.cnf file # # OpenSSL configuration file. # # Establish working directory. dir = . [ ca ] default_ca = CA_default [ CA_default ] serial = $dir/serial database = $dir/certindex.txt new_certs_dir = $dir/certs certificate = $dir/cacert.pem private_key =… Continue reading Creating Root SSL Authority with OpenSSL