没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
OPENSSL
COOKBOOK
A Guide to the Most Frequently Used
OpenSSL Features and Commands
Ivan Ristić
Bulletproof SSL/TLS and PKI
From the book
Last update: Fri Nov 01 09:47:58 GMT 2013 (build 128)
fffUTXbchSdRZR^\
FINE TECHNOLOGY BOOKS
BULLETPROOF
SSL /TLS AND PKI
The Complete Guide to Securely Using SSL/TLS and PKI in
Infrastructure Deployment and Web Application Development
Ivan Ristić
Free edition: Getting Started
The complete guide to securely using SSL/TLS
and PKI in infrastructure deployment and
web application development
Personal copy of Stanley Laurel <neolinux33@gmail.com>
OpenSSL Cookbook
by Ivan Ristić
Version 1.1 build 127, published in October 2013.
Copyright © 2013 Feisty Duck Limited. All rights reserved.
First published in May 2013.
ISBN: 978-1907117053
Feisty Duck Limited
www.feistyduck.com
contact@feistyduck.com
Address:
6 Acantha Court
Montpelier Road
London W5 2QP
United Kingdom
Production editor: Jelena Girić-Ristić
Copyeditors: Melinda Rankin, Nancy Wolfe Kotary
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or
by any means, without the prior permission in writing of the publisher.
The author and publisher have taken care in preparation of this book, but make no expressed or implied warranty of any kind and
assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection
with or arising out of the use of the information or programs contained herein.
Feisty Duck Digital
Book Distribution
www.feistyduck.com
Personal copy of Stanley Laurel <neolinux33@gmail.com>
iii
Table of Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Feedback vi
About Bulletproof SSL/TLS and PKI vi
About the Author vi
1. OpenSSL Cookbook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Getting Started 2
Determine OpenSSL Version and Configuration 2
Building OpenSSL 3
Examine Available Commands 4
Building a Trust Store 5
Key and Certificate Management 7
Key Generation 7
Creating Certificate Signing Requests 11
Creating CSRs from Existing Certificates 13
Unattended CSR Generation 13
Signing Your Own Certificates 13
Creating Certificates Valid for Multiple Hostnames 14
Examining Certificates 15
Key and Certificate Conversion 18
Configuration 20
Cipher Suite Selection 21
Performance 31
A. SSL/TLS Deployment Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Introduction 35
1. Private Key and Certificate 36
1.1. Use 2048-bit Private Keys 36
1.2. Protect Private Keys 36
1.3. Ensure Sufficient Hostname Coverage 36
1.4. Obtain Certificates from a Reliable CA 37
Personal copy of Stanley Laurel <neolinux33@gmail.com>
剩余56页未读,继续阅读
资源评论
mister_exia
- 粉丝: 3
- 资源: 7
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功