Today I'm releasing the second edition of OpenSSL Cookbook, my free OpenSSL book. This edition is a major update, with improvements to the existing text as well as new content. This new edition has about 95 pages, which is an increase of about 35 pages comparing to the previous release. Get it here: https://www.feistyduck.com/books/openssl-cookbook/ Here?s a brief overview of what?s new: - New chapter "Testing with OpenSSL", which focuses on secure server assessment. - New section "Recommended Configuration", which contains a list of recommended cipher suites. I now prefer to configure OpenSSL by explicitly listing all the suites I wish to enable. - New section "Creating a Private Certification Authority", which contains a step-by-step guide to creating and deploying a private CA. - Updated "SSL/TLS Deployment Best Practices" to v1.4. Important changes in this version include SHA1 deprecation and SSL v3 weaknesses (POODLE). Another important improvement is that I am switching from updating OpenSSL Cookbook once in a while (the previous edition was released in October 2013) to making small changes as the need arises. There still might be further editions, but only when and if new content is added. OpenSSL Cookbook draws from the content written for my bigger work, Bulletproof SSL and TLS. If you?re looking for a complete guide to the world of SSL/TLS and Internet PKI, give this bigger book a try. That said, the main goals of OpenSSL Cookbook are to be useful, short, and contain documentation for everything you might want to do with OpenSSL as a user (i.e., no programming). If you?re looking for something and you can?t find it in this book, please get in touch to propose improvements. Thanks! -- Ivan
