How to encrypt Messenger conversations

The security level of online conversations has been increased once again – with a new feature for the world’s most popular communicator, the Facebook Messenger App. Now, all users can send secret messages and in this article we will show you how to use them. The messages are encrypted between the recipients and a deadline… Read More »

Why do you need an SSL certificate?

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business. Not only does it make you feel safer but it also protects the people who visit your home, place of business, or website. It is important to… Read More »

The OpenSSL CVE-2015-1793 bug – what you need to know

You must have noticed the discovery of another serious vulnerability of the OpenSSL encryption library. It was repaired immediately and today’s article will inform you about the issue, tell you if this vulnerability concerns your server and if you need to correct it. Vulnerabilities in OpenSSL Appear Regularly The discovery of any OpenSSL encryption library… Read More »

How to Achieve A+ Results in SSLlabs Test

Today’s Instructions are meant for anyone who manages their own server and wants to have the best possible SSL/TLS settings on their server. The instructions will help you no matter if you pay attention to maximal security or if you are simply competitive and want the best results possible. The SSLlabs test is a recognized… Read More »

Logjam: How to Solve a Newly Discovered Vulnerability

From the discovery and description of Heartbleed vulnerability, more and more concepts of attacks on SSL/TLS protocol and related cryptography have been appearing regularly. This article focuses on the latest described vulnerability Logjam, which is related to weak keys in Diffie-Hellman key-exchange (further just DHE and DH). The Diffie-Hellman Key-Exchange Protocol The DH protocol is… Read More »

Ready Issuance – End of Repeated Verification

You must have experienced this before: you buy several certificates a year for your company and every time you do, you get a phone call from an authority verifying you again and again. A certificate authority really does need to verify repeatedly and despite being able to use information from the past, the final verification… Read More »

SSL on Apache: How to Gain the Most from Your Certificate

SSL on Apache: How to Gain the Most from Your Certificate (11/5/2015) The use of an SSL certificate won’t automatically ensure maximum safety for the server’s visitors. The HTTPS protocol needs to be set up correctly so that the encryption methods used correspond with the current safety requirements. This article will explain to you how… Read More »

Certificate Transparency – Protection from Google

(20. 4. 2015) Certificate Transparency (further CT) is a function which increases the credibility of certificates. We wrote about it in November. You will find the theory in the article Certificate Transparency and Public Key Pinning. Today we are going to take a closer look at CT, especially its practical side and behaviour in Google Chrome browser.… Read More »

Certificate Transparency and Public Key Pinning

Certificate Transparency and Public Key Pinning (03. 03. 2015) In today’s article I am going to talk about two relatively new and little known terms, Certificate Transparency and Public Key Pinning, which are related to the security of using SSL certificates. They both try to lower the risk of issue and use of a fraudulent… Read More »