InfoQ Homepage SSL Content on InfoQ
-
Cloudflare Introduces Automatic SSL/TLS to Secure and Simplify Origin Server Connectivity
Cloudflare recently introduced new Automatic SSL/TLS settings to simplify the provider's encryption modes for communication with origin servers. This feature offers automatic configuration, ensuring security without risking site downtime.
-
Cloudflare Adapts to Let's Encrypt's Certificate Chain Expiration, Minimizing Disruption for Users
In response to the upcoming expiration of Let's Encrypt's cross-signed certificate chain with IdenTrust on September 30, 2024, Cloudflare recently discussed a change in its certificate issuance strategy. For those managing client connections to their applications, Cloudflare has recommended updating the trust store to include the ISRG Root X1 certificate.
-
.NET 7 Brings Networking Improvements
The .NET 7 launch has brought many improvements around the whole API surface of the .NET Framework. In networking operations, .NET 7 improves the capabilities and performance of the existing HTTP and WebSockets protocols. It exposed a new protocol called QUIC and has many performance improvements compared to .NET 6.
-
Google Cloud Certificate Manager Generally Available
Google Cloud recently announced the general availability of Certificate Manager, a service to acquire, manage, and deploy TLS certificates for use with Google Cloud workloads.
-
Google Cloud Introduces Certificate Manager
Google Cloud recently introduced the public preview of Certificate Manager, a service that integrates with External HTTPS Load Balancing to manage multiple certificates and domains.
-
Five Years of Lets Encrypt
Five years ago, a non-profit organisation set up a public certificate authority, with the intent of enabling websites to become more secure by default through automated provisioning of TLS certificates. Five years later, and Lets Encrypt is putting together its own top-level root CA, which will be served by default next year - but some older Android versions won't be able to use it.
-
TLS Improvements Backported to Java 8
Application Layer Protocol Negotiation is now available in Java 8, enabling software owners to communicate through HTTP/2 without a higher Java version.
-
Let's Encrypt is Revoking Three Million Certificates on March 4
Non-profit certificate authority Let's Encrypt, which provides X.509 certificates for TLS encryption at no charge, has announced it will revoke customer certificates today due to a bug in their Boulder CA software.
-
NGINX Plus Release 18 Available with Support for Dynamic Certificate Loading
NGINX has released version 18 (R18) of NGINX Plus, their all-in-one load balancer, content cache, and web server. This release includes support for dynamic certificate loading, enhancements to their OpenID Connect implementation, and the ability to specify port ranges for virtual servers.
-
Stack Overflow Becomes HTTPS by Default
Nick Craver, architecture lead at StackOverflow, has published a blog announcing StackOverflow's migration to HTTPS. Some of the technical challenges along the way included supporting hundreds of domains, migrating URL’s, user generated content, and meeting the sites stringent performance requirements.
-
Google Pushing for HTTPS
Google wants to push for HTTPS everywhere with a combination of deprecating existing Chrome features in non-secure sites, as well as new features only supported in HTTPS.
-
Lawyer.com: Early Adopter of HTTP/2, Speaks to InfoQ
Lawyer.com recently announced that they are adopting the HTTP/2 protocol. Gerald Gorman, tech entrepreneur, CEO, and co-founder of Lawyer.com, spoke to InfoQ about their technology implementation, their position on microservices and lightweight containers, their unique search engine, and their use of social media.
-
Postponing the Retirement of SHA-1
The need to retire SHA-1 faces obstacles with the access needs of users who have yet to upgrade. Facebook, Twitter, and CloudFlare have proposed an interim solution for users of these legacy devices.
-
Internet Security, TLS, and HTTP/2: A Q&A with ThoughtWorks’ Vuksanovic and Gibson
InfoQ recently sat down with Marko Vuksanovic and Sam Gibson from ThoughtWorks, and asked about their recent study of TLS/HTTPS and HTTP/2 that was published in the ThoughtWorks P2 magazine. Both Vuksanovic and Gibson shared their expertise on a range of security-focused topics, including ubiquitous computing, the workings of TLS/HTTPS, certificate trust, and the security implications of HTTP/2.
-
Symantec Accidentally Leaks Multiple Google SSL Certificates
Symantec’s Thawte unit admits that flawed internal practices allowed multiple Google SSL certificates to be released in an unauthorized manner.