The majority of the Internet is powered by open source products, and virtually all of those projects rely on OpenSSL. Apache httpd has long been a favorite, but itís now being pursued by nginx, which is increasingly gaining in popularity. And, even in the Java camp, Apache Tomcat performs better when coupled with OpenSSL, replacing the native Java implementation of SSL/TLS.
As a bonus, the appendix includes the complete SSL/TLS Deployment Best Practices, a concise guide to secure development and deployment of web sites and other SSL/TLS services.
The book is available in PDF, EPUB, and Kindle formats. It is also continuously updated to stay current with changes to OpenSSL and the threats against encryption.
Author: Ivan Ristic is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field, development of ModSecurity, an open source web application firewall, and his SSL/TLS and PKI research, tools, and guides published on the SSL Labs web site. Heís currently Director of Application Security Research at Qualys.