Very good article. Informative and easy to follow.

When you mention whether to add a passphrase or not you state at the end that the passphrase will just protect you against script kiddies, not against the professional hacker. Don't you want to be protected against script kiddies since these are ...

[ more ]  [ reply ]

The command to see supported cipher suites is:

openssl ciphers -v 'HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM'

The backslash escape on the exclamation mark should be removed due to the single quotes....

[ more ]  [ reply ]

I almost have everything working. I am on a Windows server setting up option 3 self signed certs and i get all the way to where i am creating the CLIENT CERT and i get the follow error.

C:\apache2triad\opssl\bin>

openssl ca -config openssl.cnf -policy policy_anything -extensions ssl_server -out ...

[ more ]  [ reply ]