Security Basics mailing list archives

Re: SSL certificate

From: harshvardhan.p () paladion net
Date: Tue, 5 Jul 2011 07:03:23 GMT

Hi Dhruval,

Like Audi mentioned, server side vulnerabilities are not affected by SSL. SSL is just used to provide encryption for 
the communication channel.

However, if you are talking about attacks on SSL itself, you might want to look at the version of SSL, ciphers suites 
used and key length. An attacker can try & break the encryption to get the actual data being transmitted. You also need 
to check the SSL certificate in use as an improper implementation can leave a site vulnerable to impersonation.

Hope this helps.

Cheers
Harsh

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

SSL certificate dhruval1987 (Jul 01)
- Re: SSL certificate Security Auditor (Jul 04)
- <Possible follow-ups>
- Re: SSL certificate harshvardhan . p (Jul 05)