Bleeping Computer

OpenSSL fixes severe DoS, certificate validation vulnerabilities

Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 lurking in OpenSSL products. OpenSSL is a commonly used software library for ...
Threat Post

OpenSSL Patches Critical Certificate Validation Vulnerability

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
Ars Technica

OpenSSL Certificate help

I'm trying to generate a certificate (using the openssl command line tool) that can't actually DO anything - can't sign, can't encrypt. Is this possible? It seems like the purpose of the certificate ...
Threat Post

Certificate Revocations Shoot Up in Wake of OpenSSL Heartbleed Bug

The openSSL heartbleed has led to a huge increase in the number of SSL certificates being revoked, as site owners and hosting providers go through the process of replacing vulnerable certificates. The ...
Linux Journal

Understanding Public Key Infrastructure and X.509 Certificates

An introduction to PKI, TLS and X.509, from the ground up. Public Key Infrastructure (PKI) provides a framework of encryption and data communications standards used to secure communications over ...