This article explains the fundamentals of SSL/TLS, why transport‑layer encryption is essential, and provides a hands‑on guide to using OpenSSL on Linux for symmetric and asymmetric encryption, hashing, password generation, random number creation, and base64 encoding with clear command‑line examples.
This guide walks you through the four core stages of HTTPS certificate handling—CA distribution, domain request, validation, and data encryption—while providing detailed OpenSSL commands, Linux/Windows/macOS trust‑store paths, and a ready‑to‑run shell script for fully automated certificate generation.
Despite widespread browser and CDN support for HTTP/3, most developers still struggle to deploy it end‑to‑end because of missing QUIC implementations in language runtimes, fragmented open‑source tooling, and compatibility issues with core libraries like OpenSSL.
The PHP Foundation, backed by the Sovereign Tech Agency, outlines a multi‑year plan to modernise PHP’s stream subsystem with performance boosts, safer async I/O, enhanced error handling, new network polling, and TLS 1.3 security improvements, illustrated by before‑and‑after code examples.
This guide walks you through installing OpenSSL, creating a secure directory layout, configuring OpenSSL, generating a self‑signed root certificate, issuing client certificates, managing CA files, revoking certificates, and inspecting certificate details, all with clear command‑line examples and diagrams.
This guide explains the fundamentals of SSL/TLS, why transport‑layer encryption is used, and provides step‑by‑step Linux OpenSSL commands for symmetric and asymmetric encryption, decryption, hashing, password generation, random data creation, and Base64 encoding, complete with examples and key options.
This guide walks through creating a CA private key, a certificate signing request, and a self‑signed CA certificate using OpenSSL, detailing each command's parameters, technical nuances, and essential security practices.
This article walks through the differences between plain HTTP, HTTPS one‑way authentication, and mutual TLS, detailing the TCP handshake, TLS handshakes, certificate creation, file‑type conventions, and practical security considerations for developers and engineers.
This article walks you through using OpenSSL to create a private key, remove its password, generate a PEM file, craft a certificate signing request, configure extensions, and finally produce a CA‑signed certificate with all necessary command‑line steps and explanations.
This guide explains the fundamentals of SSL/TLS, why encryption occurs at the transport layer, and provides comprehensive OpenSSL command‑line examples for symmetric encryption/decryption, asymmetric key generation, hashing, password creation, and random number generation, illustrating each operation with clear syntax and usage notes.
Learn step-by-step how to set up a private Certificate Authority on Linux using OpenSSL, covering CA and PKI basics, directory structure, configuration files, generating root and client certificates, managing revocation lists, and essential commands for secure certificate management.
This article explains why encrypting data transmission is essential, and demonstrates three PHP-based methods—using HTTPS, symmetric encryption (e.g., AES), and asymmetric encryption with OpenSSL—to protect communication, along with sample code and key management tips.
This guide shows how to generate a self‑signed SSL certificate for an internal IP address using OpenSSL, configure Nginx to serve HTTPS without security warnings, and import the certificate into Chrome with the necessary extensions to avoid common name errors.
This step‑by‑step guide shows how to upgrade the outdated OpenSSH 7.4p1 and OpenSSL 1.0.2k on a CentOS 7 server by first installing Telnet as a fallback, removing the old packages, installing OpenSSL 1.1.1g, compiling OpenSSH 8.3p1, adjusting the configuration, and finally testing the new SSH service.
The PHP Foundation released a security audit of the php‑src core, revealing several high‑severity CVEs that were patched in version 8.4.6, detailing the affected components, audit scope, and overall assessment of PHP's security posture.
This guide explains the fundamentals of HTTPS, walks through creating a self‑signed certificate with OpenSSL, and shows step‑by‑step how to set up Nginx inside a Docker container to serve secure traffic on port 443.
This article explains common encryption and signing algorithms—including AES, SM4, RSA2, and SM2—covers key representations in hex and Base64, details digital certificate structures, CSR application, TLS usage scenarios, OpenSSL commands for PEM conversion, and provides Java and JavaScript code examples for secure communication.
This article explains OpenSSL’s origins, its role in encryption on CentOS, common use cases such as web servers and database security, provides step‑by‑step installation and upgrade commands, and demonstrates how to generate RSA, SM2, AES, and SM4 keys via the OpenSSL command line and Java alternatives.
This comprehensive guide explains OpenSSL’s role in cryptography, covering symmetric and asymmetric encryption, hashing, key generation, certificate creation, and practical command‑line examples for encrypting files, managing keys, signing data, and configuring TLS servers, empowering readers to master secure communications.
This guide walks you through using OpenSSL to create a private key, generate a certificate signing request, configure extensions, and produce a self‑signed CA and server certificate, including commands for key encryption, password removal, and PEM/CRT output.
This guide explains common certificate formats (PEM, DER, CRT, CER), shows how to generate a CA key, CSR, and signed certificate with OpenSSL, demonstrates format conversions, and provides commands for inspecting and verifying certificates, all essential for secure operations.
This guide explains how to use OpenSSL to create private keys, certificate signing requests, and signed SSL/TLS certificates, covering key generation, password removal, PEM creation, extension configuration, and the final issuance of server.crt and server.key files.
This guide explains the concepts of CA and PKI, walks through setting up a private Certificate Authority using OpenSSL, and details the complete lifecycle of certificate issuance, revocation, and verification with practical commands and configuration examples.
This guide walks through installing OpenSSL, generating a self‑signed SSL key and certificate for an internal IP address, configuring Nginx to use the certificate, and importing the certificate into Chrome and Firefox, including necessary extensions to avoid common name errors.
Learn step‑by‑step how to set up a private Certificate Authority using OpenSSL, create the necessary directory structure, configure files, generate self‑signed root certificates, issue and revoke client certificates, and understand related files and processes such as CRL, index databases, and certificate verification.
This tutorial walks you through safely upgrading OpenSSH (to 8.3p1) and OpenSSL (to 1.1.1g) on CentOS 7, covering prerequisite OpenSSL upgrade, service shutdown, dependency installation, source compilation, configuration tweaks, and verification steps.
This tutorial explains how to encrypt sensitive data with PHP's OpenSSL functions, decrypt it, and then safely feed the decrypted results to ECharts to render interactive statistical charts, providing complete code examples for each step.
This article explains why encrypting data transmission is essential, then demonstrates how to secure PHP-based communications using HTTPS, symmetric algorithms such as AES, and asymmetric encryption with OpenSSL, including complete code examples and key management tips.
This guide introduces GmSSL, an OpenSSL‑compatible toolbox that implements China’s national cryptographic algorithms, explains its lightweight and cross‑platform features, and provides step‑by‑step instructions for compiling, installing, and using core commands, SM4/SM3/SM2 operations, and certificate authority workflows.
This article provides a thorough walkthrough of OpenSSL, covering cryptographic standards, symmetric and asymmetric encryption commands, message digests, certificate creation and management, as well as useful utilities like random number generation and password hashing, all illustrated with practical command‑line examples.
This article provides a thorough walkthrough of OpenSSL, covering cryptographic standards, symmetric and public‑key encryption, message digests, digital certificate creation and management, plus practical command‑line examples for each operation, making it a valuable resource for security professionals and developers.
This tutorial explains the differences between PEM and DER certificate formats, lists common file extensions, and provides step‑by‑step OpenSSL commands for generating a CA key, creating CSRs, signing certificates, converting formats, and verifying the results.
Apple’s recent change to macOS’s cURL implementation, which forces the ‑‑cacert option to use the system trust store instead of a user‑supplied certificate bundle, has been criticised by cURL founder Daniel Stenberg as unreliable and potentially insecure, though Apple says the behaviour is intentional and not a bug.
This article explains how to protect data transmission in PHP applications by employing HTTPS (SSL/TLS), implementing symmetric encryption such as AES, and using asymmetric encryption with OpenSSL, while highlighting key management practices to ensure confidentiality, integrity, and resistance to man‑in‑the‑middle attacks.
This comprehensive guide walks through essential Linux administration techniques, including Bash scripts for summing user IDs, array and string manipulation, advanced variable usage, random number analysis, factorial recursion, process and thread concepts, job control, kernel design models, boot and GRUB workflows, service management with chkconfig and systemd, as well as CA creation, certificate handling, encryption fundamentals, and OpenSSH key‑based authentication.
This guide shows how to create random passwords using pwgen, generate an RSA key with OpenSSL, then encrypt and decrypt those passwords via command‑line tools, including example commands and sample outputs, while emphasizing security best practices for key handling.
This tutorial explains what HTTP/2 is, lists required OpenSSL and Nginx versions, walks through compiling OpenSSL and OpenResty with the proper flags, shows how to replace Nginx binaries, configure HTTP/2 in nginx.conf, and verify the setup using Chrome’s net‑internals tool.
This guide explains fundamental data encryption concepts, introduces PHP's openssl_encrypt function, compares common encryption modes, shows how to generate keys and initialization vectors, and provides a complete SM4‑CBC implementation with sample code and practical security precautions.
This article explains PHP's built‑in encryption functions—including OpenSSL encryption/decryption, hashing, and password handling—shows how to generate keys, encrypt and decrypt data, and provides best‑practice tips for securely protecting sensitive information in PHP applications.
The OpenSSL 3.2 Alpha has been released, adding client‑side QUIC support, TLS certificate compression, deterministic ECDSA, expanded Ed25519/Ed448 capabilities, AES‑GCM‑SIV, Argon2 with thread‑pool, HPKE, raw public‑key TLS, TCP Fast Open, pluggable post‑quantum signatures, Brainpool curves, SM4‑XTS, and optional Windows certificate‑store integration.
This guide explains three ways to generate SSL certificates using OpenSSL, including creating a private key, self‑signed certificate, and CSR‑based signing, and shows how to configure Nginx to enable HTTPS with the generated certificates.
This comprehensive guide explains the CIAA security model for network transmission, details confidentiality, integrity, authentication, and availability, and walks through building a private CA with OpenSSL, configuring TLS 1.2/1.3, HTTPS authentication modes, SNI/ESNI extensions, and upgrading curl for HTTP/2 support.
This guide shows how to generate self‑signed certificates with OpenSSL, configure Nginx as an HTTPS reverse proxy in a Docker container, install the root certificate, and adjust the hosts file so front‑end code can securely call local services during development.
This article explains why PHP7 deprecates the mcrypt extension in favor of OpenSSL, compares DES, 3DES, and AES algorithms, clarifies key length choices, outlines common encryption modes, and provides practical PHP code for encrypting and decrypting data with OpenSSL.
This guide shows how to enable HTTPS on Nginx by either obtaining a free Alibaba Cloud SSL certificate—generating a CSR, submitting it, and configuring the server—or creating a self‑signed OpenSSL certificate with custom SANs, installing it, updating hosts, and verifying the secure connection.
Version 25.1 of Erlang/OTP, the first maintenance patch for OTP 25, introduces production‑ready OpenSSL 3.0 crypto support, fixes a critical CVE‑2022‑37026 SSL/TLS client‑authentication bypass, adjusts engine loading behavior, and includes various minor bug fixes and enhancements.
The article introduces the DBLE distributed middleware, outlines the main updates in version 3.22.07.0—including read‑write splitting local read, OpenSSL support, hint‑based query plan improvements—and provides the complete release notes, bug fixes, acknowledgments, and related learning resources.
This article introduces the SSL protocol, explains why encryption is needed for database communication, and provides step‑by‑step instructions for generating self‑signed certificates with OpenSSL, converting them for Java, and configuring both DBLE server and client to use SSL, including experimental verification of encrypted versus unencrypted connections.
This article explains how to secure cross‑data‑center traffic by applying TLS principles, setting up a private Certificate Authority, generating self‑signed certificates with OpenSSL, configuring mutual TLS (mTLS) on Nginx proxies for both HTTP and TCP streams, and verifying the setup with curl and redis‑cli commands.
This article explains how to secure cross‑data‑center traffic by encrypting it with TLS/mTLS, covering the principles of TLS, certificate authority roles, generating self‑signed certificates with OpenSSL, and configuring Nginx proxies for both HTTP and TCP streams to provide transparent encrypted channels without modifying applications.
This article explains how HTTPS combines HTTP with SSL/TLS, walks through the TLS handshake steps, describes symmetric and asymmetric encryption, the role of X.509 certificates, digital signatures, certificate chains, and provides a hands‑on OpenSSL guide for manually verifying a server certificate.
This tutorial explains how to create complex, high‑entropy passwords on Linux using GPG or OpenSSL, optionally filter out special characters with sed, and then assess password strength with the cracklib‑check tool on CentOS 8, illustrating both weak and strong examples.
This tutorial explains how to retrieve the 32‑byte encryption key of the PC version of WeChat by attaching OllyDbg to the WeChat process, locating the password in memory, and then using a custom C++ program built with OpenSSL to decrypt the WeChat SQLite database files.
OpenSSL 3.0 has entered its beta stage, treated as a release candidate, inviting users to build, test, and provide feedback, while introducing a new Apache 2.0 license, provider‑based architecture, FIPS‑validated provider, pluggable TLS 1.3 groups, new encoders/decoders, CMP support, and updated APIs, with ABI changes requiring recompilation.
This article introduces the OneSM3 PHP library for the SM3 cryptographic hash, provides Composer installation steps, usage examples for string and file signing, and presents performance benchmark results comparing it with OpenSSL and another PHP SM3 implementation.
The article explains RSA key files by detailing the underlying mathematics of prime factorization and modular exponents, introduces a six‑layer abstraction from raw values to application use, demonstrates OpenSSL and keytool commands for generation, conversion, and inspection, and illustrates common deployment scenarios such as HTTPS and MySQL SSL.
This guide explains how to generate self‑signed SSL certificates with OpenSSL, configure an Nginx reverse‑proxy container via Docker, install the root certificate on the host system, and modify the hosts file so that front‑end code can securely access a local HTTP service over HTTPS.
This article explains why HTTPS is required for secure data transmission, describes symmetric and asymmetric encryption, outlines the role of CA certificates, and provides step‑by‑step commands to generate keys, create certificates, and configure Nginx to serve HTTPS traffic.
This article describes the architecture of JD.com’s JDDLB public‑traffic load balancer and details how offloading CPU‑intensive SSL/TLS cryptographic operations to Freescale C291 acceleration cards—via custom NGINX modules, OpenSSL Engine integration, and synchronous/asynchronous driver interfaces—significantly improves connection‑establishment rates and overall throughput.
This article explains how to generate PKCS#12 (p12) certificates using BouncyCastle in .NET Core, extract keys with OpenSSL, install the certificates on Windows, and demonstrates encryption and decryption with the generated keys, providing complete code samples and step‑by‑step instructions.
This article explores the original 1,000‑line Git source from its first commit, showing how to obtain, compile, and analyze the core commands and objects—init‑db, update‑cache, cat‑file, show‑diff, write‑tree, read‑tree, commit‑tree—while explaining Git’s design principles, storage layout, SHA‑1 naming, and the limitations of the initial implementation.
Learn how to protect Docker’s exposed remote management port 2375 by generating CA, server, and client certificates with OpenSSL, configuring Docker daemon for TLS verification, and adjusting docker-maven-plugin settings to safely build and push images without exposing insecure endpoints.
This article explains how an expired AddTrust External CA Root caused HTTPS requests to Sentry to fail, shows how to reproduce the error with curl and OpenSSL, and provides step‑by‑step fixes for Ubuntu, Docker‑Alpine, and macOS environments.
This guide walks you through adding a Kubernetes cloud in Jenkins, extracting and decoding the required certificates from the kube config, creating a client P12 file with OpenSSL, uploading the credentials, and testing the connection to ensure seamless CI/CD integration.
This article demonstrates how to replace the deprecated mcrypt functions in PHP with OpenSSL by providing a compact Aes class that handles AES‑128‑CBC encryption and decryption, including configuration of key, IV, and method, and shows practical usage examples.
Learn how to create high‑entropy, hard‑to‑guess passwords on Linux using three command‑line tools—pwgen, OpenSSL, and GPG—covering installation, usage options, batch generation scripts, and additional utilities for secure credential management.
This article explains the HTTPS handshake, the role of CA and root certificates, how trust chains work, and provides a step‑by‑step guide to using Fiddler for HTTPS decryption on Android, including OpenSSL commands for extracting public keys.
This guide explains why HTTPS is required for local web development, demonstrates how to create a self‑signed root CA and a wildcard domain certificate with OpenSSL, shows how to trust the root certificate on macOS, and provides example Webpack devServer and hosts file configurations for a secure local workflow.
This guide explains how to generate RSA key pairs on Linux, use OpenSSL commands, and implement PHP code for public‑key encryption, private‑key decryption, padding options, data‑size limits, and helper functions for handling messages larger than the RSA block size.
This report evaluates how enabling SSL encryption in MySQL affects transaction‑per‑second performance, compares the OpenSSL and yaSSL libraries across SSL connection and transparent encryption test groups, and analyzes the underlying CPU, I/O, and lock bottlenecks that cause the observed performance differences.
This tutorial explains how to build and integrate OpenSSL 1.1.0e for modern Android, iOS, and Linux environments, providing shell scripts for each platform, detailed configuration steps, and examples of using the resulting static libraries in C, JNI, and Java code.
The article presents a comprehensive engineering solution that separates RSA operations, employs parallel and asynchronous processing, modifies OpenSSL and Nginx event handling, and adds symmetric‑encryption optimizations to boost SSL/TLS handshake throughput by over threefold while reducing CPU load.
This article explains how to create self‑signed SSL certificates using OpenSSL, add them to browser trust stores, and configure local development servers (fekit/ykit) and Nginx for HTTPS debugging, including handling SubjectAltName issues and detailed command examples.
This article explains how to upgrade an existing HTTP backend to HTTPS by using Nginx as a reverse proxy, covering certificate generation with OpenSSL, Nginx configuration, host file adjustments, and testing steps, allowing secure communication without altering the original application code.
This article explains why internet‑financial companies need encrypted MariaDB connections, shows how to verify SSL support, and provides a detailed eight‑step procedure—including OpenSSL upgrade, CA creation, server and client certificates, MySQL configuration, and verification—to enable secure client‑server communication.
This article walks through two common pitfalls when connecting a WeChat Mini‑Program to a server—an “invalid url” error caused by using single quotes instead of backticks, and a TLS 1.2 requirement that necessitates upgrading OpenSSL and recompiling Nginx, providing step‑by‑step solutions.
This step‑by‑step guide shows how to create a private Certificate Authority, generate self‑signed and server certificates, configure Apache for HTTPS, revoke certificates, update CRLs, and test the setup using OpenSSL and curl on Linux.
A roundup of recent tech developments covering a massive US DNS outage caused by IoT‑based DDoS attacks, Apple’s addition of ARM support to macOS Sierra, Google’s evolving 20% time policy, new multi‑data‑center features in Confluent Kafka, MariaDB’s new member, a critical OpenSSL flaw, China Mobile’s OpenStack award, and Tencent’s rapid Nexus 6P hack.
On September 28 Node.js issued four security updates—including maintenance releases 0.10.47 and 0.12.16, LTS 4.6.0 Argon, and stable 6.7.0—addressing multiple CVEs such as wildcard certificate validation, HTTP header validation, OCSP extension misuse, and the SWEET32 attack, and urging users to upgrade promptly.
Next Wednesday the Node.js team will release security updates for several versions, fixing critical TLS certificate handling flaws and other vulnerabilities, while announcing the end of maintenance for the v0.10.x line and urging users to upgrade to newer releases.
This guide walks you through obtaining a trusted SSL certificate, generating keys and CSR with OpenSSL, configuring HTTPS in Nginx, and applying performance and security enhancements such as keep‑alive, session caching, HSTS, strong cipher suites, and name‑based virtual host solutions.
This article walks through a real‑world investigation of intermittent core dumps and memory leaks in a heavily modified Nginx + OpenSSL stack under extreme QPS, detailing debugging strategies, custom load‑testing tools, and performance‑profiling techniques that helped pinpoint and fix the root causes.
The article describes a real‑world investigation of extremely low‑probability core dumps and memory leaks in a heavily modified Nginx + OpenSSL stack, detailing the debugging workflow, custom high‑concurrency test harness, use of tools such as GDB, perf, Valgrind, AddressSanitizer, and the performance‑hotspot analysis that ultimately resolved the issues.
This article explains the fundamentals of SSL and OpenSSL, covering symmetric and asymmetric encryption, hash functions, secure data transmission, and how to create and use a self‑signed certificate authority for network security.
This article explains PHP's various encryption methods, covering one-way hash functions like MD5 and SHA1, symmetric algorithms, the rarely used crypt() function, and detailed implementations of asymmetric encryption with OpenSSL, including key generation, encryption, decryption, and practical code examples.
This article explains SSL fundamentals, encryption types, PKI components, and provides step‑by‑step Linux OpenSSL commands for symmetric/asymmetric encryption, hashing, password handling, key generation, private CA creation, certificate signing, and revocation, enabling secure data transmission over networks.
This article explains the fundamentals of encryption, symmetric and asymmetric cryptography, digital certificates, PKI, and provides step‑by‑step guidance on using OpenSSL to generate keys, create a private CA, issue and revoke certificates for secure data transmission.
This article explains why encrypting network traffic is essential, introduces OpenSSL’s cryptographic components, and provides a detailed, command‑line tutorial for creating a private Certificate Authority, issuing certificates, and handling revocation within a LAN environment.
