Tag Archives: SSL

Check if the certificate of a domain was revoked

Just had the need to quickly check if the certificate of a domain was revoked or not, and found this tutorial: ¬†OpenSSL: Manually verify a certificate against a CRL Well done, but two problems: If the server doesn’t send all certificates (including the root CA), the verify process will fail Too much to type… So i quickly created a bash … Continue reading

Posted in Bash, Linux, Security, SSL/TLS | Tagged , , , , , , | Leave a comment

Nethack.ch is SSL only now – Let’s Encrypt FTW!

Last week i received access to Let’s Encrypts beta, and therefore was able to generate some certificates which are fully accepted by any modern browser. Because of that, nethack.ch will be SSL only from now on. Let’s Encrypt should be GA around the 16th of November 2015. So, get ready to deploy SSL to your sites.

Posted in Security | Tagged , , , , | Leave a comment

Increase SSL and TLS security on nginx and Apache by enabling PFS and HSTS

The default configuration of SSL is fine on most Linux distributions (you will get an A-Rating at SSL Labs), but still could be done a lot better and more secure. Goals we want to achieve: Enable Perfect Forward Secrecy (PFS) Enable HTTP Strict Transport Security (HSTS) Disable SSLv2 and SSLv3 PCI¬†compliant FIPS-ready¬†(optional) Don’t break IE… NOTE: the configuration below will … Continue reading

Posted in Apache, CentOS, Linux, nginx, Security | Tagged , , , , , , , , | 3 Comments