Monthly Archives: March 2009

Delete Sends Ctrl-H

If you’re a Mac user who utilizes Terminal.app with any regularity, you have probably run into some Linux servers where the Mac Delete key behaves as forward delete instead of backspace (Ubuntu, Debian, and a few other distributions have this issue). This is a really obnoxious problem, but fortunately there is an easy global fix. [...]

Using OpenSSL s_time

Recently I needed to do some performance testing of an SSL instance on a VM. I considered using JMeter, but decided to use OpenSSL to get a rudimentary picture instead. To obtain a basic result, we connect to the server and pull the /index.php file. You can specify whatever file you’d like to download, or [...]

RSA Encryption and Signing

OpenSSL provides several tools that allow you to RSA encrypt/sign arbitrary data files. Of course, directly RSA encrypting large volumes of data is impractical because the encrypted/signed data cannot exceed the size of the key material. This is one of the reasons why SSL connections typically handshake and then pass an AES (or RC4, et [...]

Creating a PKCS7 (P7B) Using OpenSSL

Continuing the howto nature of this blog (and its peculiar obsession with OpenSSL), here’s a primer on packaging an arbitrary number of certificates into a single PKCS7 container. These files are quite useful for installing multiple certificates on Windows servers. They differ from PKCS12 (PFX) files in that they can’t store private keys. If you [...]

Fidgetr 1.0

As promised, Fidgetr 1.0 has been released. Here are the improvements since the last time I posted about it: Incremented version to 1.0 to catch users stuck at versions earlier than 0.6.1. Welcome back to the cutting edge! Reworked the crossfade theme JS to fix some bugs and dramatically simplify the code. Photoset support! Display [...]

Checking A Remote Certificate Chain With OpenSSL

If you deal with SSL/TLS long enough, you will run into situations where you need to examine what certificates are being presented by a server to the client. The best way to examine the raw output is via (what else but) OpenSSL. First, let’s do a standard webserver connection (-showcerts dumps the PEM encoded certificates [...]