Tag: OpenSSL

Python Self Signed Cert Gen

Introduction Sometimes I need to write a simple network server to emulate an application I’m integrating with. Typically, this is ends up being a throw away Python script that allows me to easily inspect at a request and returns a basic response. It’s handy to verify what I’m sending... Continue reading

Client Side Session Cache in OpenSSL

Building on Server Side Session Cache in OpenSSL we need to deal with the Client side. The OpenSSL documentation for SSL_CTX_set_session_cache_mode has an option for client caching. However, it states that, “the application must select the session to be reused by using the SSL_set_session(3) function.” It also states... Continue reading

Server Side Session Cache in OpenSSL

At work (information posed with permission from my employer) we’ve been looking into session caching with OpenSSL. We started this by looking at the server and found that by default OpenSSL will enable and use a session cache when acting as the server. However, there are two major things we... Continue reading

Enable DH and ECDH in OpenSSL (Server)

Recently at work we were looking into Forward Secrecy (FS). We were using Qualys SSL Server Test and noticed that Forward Secrecy was showing as NO. We decided to look into this because we want to use the most robust security we can. What we found was none... Continue reading