My nginx SSL Configuration with WordPress Using Domain Mapping

Introduction If it’s not obvious I use WordPress for my (this) blog. It is a Multi-Site setup so I can use the same installation for other blogs (wife) and sites (personal/professional) I host. I also use the WordPress MU Domain Mapping plugin to assign specific domains to certain sites that are separate from the nachtimwald […]

Client Side Session Cache in OpenSSL

Building on Server Side Session Cache in OpenSSL we need to deal with the Client side. The OpenSSL documentation for SSL_CTX_set_session_cache_mode has an option for client caching. However, it states that, “the application must select the session to be reused by using the SSL_set_session(3) function.” It also states that the client cache is not enabled […]

Server Side Session Cache in OpenSSL

At work (information posed with permission from my employer) we’ve been looking into session caching with OpenSSL. We started this by looking at the server and found that by default OpenSSL will enable and use a session cache when acting as the server. However, there are two major things we found in how it works. […]

Enable DH and ECDH in OpenSSL (Server)

Recently at work we were looking into Forward Secrecy (FS). We were using Qualys SSL Server Test and noticed that Forward Secrecy was showing as NO. We decided to look into this because we want to use the most robust security we can. What we found was none of the supported cipher suites showed Diffie–Hellman […]