Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:OpenSSL"

From Funtoo
Jump to navigation Jump to search
m (update with some content)
m (add a bit of stuff)
Line 6: Line 6:
}}
}}
{{PageNeedsUpdates}}
{{PageNeedsUpdates}}
OpenSSL is a cryptography package used with {{Package|net-misc/openssh}}, web servers, and more.  As this is a security package it is frequently cycled from testing, & bug repairs.
OpenSSL is a cryptography package used with {{Package|net-misc/openssh}}, web servers, and more.  ftps, https, smtps, imaps, etc use SSL/TLS.  SSL/TLS is used to prevent man in the middle attacks on plain text streams of data.  As this is a security package it is frequently cycled from testing, & bug repairs.
{{note|ssl is old, tls is new.  If you have the option to run tls, run tls rather than ssl}}
{{note|ssl is old, tls is new.  If you have the option to run tls, run tls rather than ssl}}


Line 13: Line 13:


=== Usage ===
=== Usage ===
ssl uses several certificates with differing coverage, and use cases.
ssl uses several certificates with differing coverage, and use cases.  Certificates are obtained by 3rd party sites.  go-daddy, namecheap, and verisign are popular ssl certificate providers, though several others exist.
 
The general overview is buy certificate, send private files, send extra information if required, get files back, insert files into openssl configs, change program configs ports to S version of the protocol, (as in for web port 80, now listens to port 443, and i address the server as https instead of http now.) reorder the cert next year.


==== Self Signed Certificates ====
==== Self Signed Certificates ====

Revision as of 10:45, March 22, 2015

OpenSSL

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

OpenSSL is a cryptography package used with net-misc/openssh, web servers, and more. ftps, https, smtps, imaps, etc use SSL/TLS. SSL/TLS is used to prevent man in the middle attacks on plain text streams of data. As this is a security package it is frequently cycled from testing, & bug repairs.

   Note

ssl is old, tls is new. If you have the option to run tls, run tls rather than ssl

Installation

root # emerge dev-libs/openssl

Usage

ssl uses several certificates with differing coverage, and use cases. Certificates are obtained by 3rd party sites. go-daddy, namecheap, and verisign are popular ssl certificate providers, though several others exist.

The general overview is buy certificate, send private files, send extra information if required, get files back, insert files into openssl configs, change program configs ports to S version of the protocol, (as in for web port 80, now listens to port 443, and i address the server as https instead of http now.) reorder the cert next year.

Self Signed Certificates

Free: Self signed certificates are free, self made, quick, easy to setup, and insecure. They are great for lab experiments, and testing out new technologies that you're not familiar with.

Single Domain Certificates

Generally $10/yr: Single domain certificates are probably the cheapest ssl certificate you will find on the web. This certificate does not cover subdomains.

Unified Communications Certificate

Generally $300/yr This certificate is meant for small businesses. This type of certificate will generally cover 20-30 domains, sites, or subdomains.

Wildcard Certificates

Generally $300/yr Wildcard certificates are expensive, however they cover every subdomain name you add.

Other Misc Certs

  • domain validated SSL Certificates
  • organization validated SSL Certificates
  • Extended Validation SSL Certificates

External Resources

https://wiki.archlinux.org/index.php/OpenSSL