Month: October 2014

Sigil 0.8.1 Released



Sigil 0.8.1 is now available! This is a bug fix release. See the Changelog for a full list of changes. Also, the source package directory structure has changed a bit. A number of files that were top level have been put into a docs subdirectory. Further, the source... Continue reading

Client Side Session Cache in OpenSSL



Building on Server Side Session Cache in OpenSSL we need to deal with the Client side. The OpenSSL documentation for SSL_CTX_set_session_cache_mode has an option for client caching. However, it states that, “the application must select the session to be reused by using the SSL_set_session(3) function.” It also states... Continue reading

Server Side Session Cache in OpenSSL



At work (information posed with permission from my employer) we’ve been looking into session caching with OpenSSL. We started this by looking at the server and found that by default OpenSSL will enable and use a session cache when acting as the server. However, there are two major things we... Continue reading

Enable DH and ECDH in OpenSSL (Server)



Recently at work we were looking into Forward Secrecy (FS). We were using Qualys SSL Server Test and noticed that Forward Secrecy was showing as NO. We decided to look into this because we want to use the most robust security we can. What we found was none... Continue reading