Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols. Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included. OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 12 Ratings

good for programmers - 2008-02-27
Reviewer Rating:
Contents: intro, openssl command line, PKI, then programming: support infrastructure, ssl, symmetric keys, hashes, public keys, and openSSL for Perl, Python, and PHP.

As others have noted, this is a great book for programming. It's not as detailed if you are looking to set up your own PKI. Basically it is about 30 pages of the openssl command (using symmetric keys, generating private keys, making certificates, signing them) and ~270 pages or so of programming.

O'Reilly's OpenSSL Book needs updating - 2009-06-10
Reviewer Rating:
This is a great book on cryptography, OpenSSL utilities and its API. The copyright is 2002 and no second edition was ever done. As such some of the openssl command-line syntax is out-dated, but the concepts certainly are not. While I wish we could ping Viega, et al., to kick out another edition this book is a staple on my shelf, backpack or in the mess on my desk!

If it weren't for this book, I don't know where I would be... - 2008-07-29
Reviewer Rating:
Everything I needed to know to write code supporting certificates, multi-threading and error reporting was explained in the first five chapters. Without this book to tie together disparate facts, I probably would still be scrounging through Google hits, forums and the OpenSSL source code. At least a week of research and experimentation (non-billable hours) were saved. Highly recommended.

Happy with my purchase - 2009-08-31
Reviewer Rating:
I purchased this book in an effort to quickly get up speed with creating self-signed certificates for both client and server. I was able to use examples in this book to do so. I found the examples I needed, executed them as specified in the book and was able to create working self-signed certificates. So for the usage model that I had for this book, it delivered.

Another example of how NOT to write a technical book - 2009-07-20
Reviewer Rating:
Although I haven't finished reading the book yet, my level of frustration with it warrants a review. I'll update the review if I change my mind. Setting aside the many typos (e.g. bottom of p. 86), the fact that the book is now 7-8 years out of date, and explanations of functions that are frequently less clear than the online documentation, my complaint has to do with the almost randomized organization of the material. The first chapter is an overview that focuses on jargon more than anything; in particular it doesn't provide a clear description of exactly what happens when an SSL connection is established (the single most important detail for understanding everything that follows). This renders the second chapter on the command line interface next to useless, since it's only somewhat clear what these commands are doing -- shouldn't this material come after almost everything else? The 3rd chapter shows how to generate public keys without explaining clearly how they're used, and the 4th chapter jumps right into multithreading support, abstract I/O, and random number generation. Where the authors just writing down whatever popped into their heads next? Where were the editors on this project?

It does contain some useful information, hence the 2 stars, but the authors' horrible writing style and inability to organize their thoughts really makes me want to give a 1-star review. Terrible book, although still better than the online documentation overall. And unfortunately, no one appears to have a written a better one (as of July 2009).

Browse Similar Topics

Top Level Categories:
Networking
Security

Sub-Categories:
Networking > Security
Security > Networking