If your job has something to do with security, web development, or system administration, you can’t avoid having to deal with OpenSSL on at least some level. This book is intended primarily for OpenSSL users who need to perform routine tasks of key and certificate generation and configure programs that rely on OpenSSL for SSL/TLS functionality.
The majority of the Internet is powered by open source products, and virtually all of those projects rely on OpenSSL. Apache httpd has long been a favorite, but it’s now being pursued by nginx, which is increasingly gaining in popularity. And, even in the Java camp, Apache Tomcat performs better when coupled with OpenSSL, replacing the native Java implementation of SSL/TLS.
As a bonus, the appendix includes the complete SSL/TLS Deployment Best Practices, a concise guide to secure development and deployment of web sites and other SSL/TLS services.
The book is available in PDF, EPUB, and Kindle formats. It is also continuously updated to stay current with changes to OpenSSL and the threats against encryption.
Author: Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field, development of ModSecurity, an open source web application firewall, and his SSL/TLS and PKI research, tools, and guides published on the SSL Labs web site. He’s currently Director of Application Security Research at Qualys.