Tag: ssl

Loadbalancer.org releases patch for the Openssl heartbleed vulnerability CVE-2014-0160

  Vulnerability Description The bug is in OpenSSL’s implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server. For more details, please refer to: http://heartbleed.com/   1) Updating the Hardware & Virtual Appliance   Appliance Software Versions Affected : v7.5, v7.5.1, v7.5.2, v7.5.3, v7.5.4   Hotfix Details : The hotfix includes a recompiled version of OpenSSL with the compile option “-DOPENSSL_NO_HEARTBEATS” which mitigates the vulnerability

SSL Offload Testing with HAProxy and Stunnel

There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested we at loadbalancer.org wish to change that. What is SSL offloading/SSL Termination? SSL offloading is the process of moving SSL traffic decryption and encryption away from your web servers onto a centralised device, be it a loadbalancer or specific SSL offloading hardware

SSL Termination & The BEAST

Over the last few weeks we have seen more and more users reporting that they have run a security check on the SSL certificate thats installed on their Loadbalancer appliance using the Trustworty Internet Movement web site (https://www.trustworthyinternet.org/ssl-pulse/). The idea behind the site is basically to test as many SSL certificates on the Internet as