I just got a notification about the SSLv3 POODLE vulnerability, and the suggested fix is to disable the SSLv3 protocol on any server that supports it. If you have your SSL certificate configured on your AWS Elastic Load Balancer, you can quickly apply this fix by logging into your AWS management console and clicking on your […]
The following Nginx SSL configuration gives me PCI compliance as well as protection against BEAST attacks. This configuration also ensures that forward secrecy is applied in the SSL layer. More information on forward secrecy here. So this is what my typical few lines of SSL configuration would look like in an Nginx vhost: server { listen […]
This is another one for my reference. I’ve had to generate a self-signed SSL certificate quite a few times and I’m sure I’ll do it again in the future. First of all, self-signed SSL certificates provide the same level of security as commercial ones, such as Verisign certs. The 2 main differences are: 1. […]