PC World

CloudFlare can provide its caching service without your SSL keys

CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.
Ars Technica

In-depth: How Cloudflare promises SSL security—without the key

Content delivery network and Web security company Cloudflare has made a name for itself by fending off denial-of-service attacks against its customers large and small. Today, it’s launching a new ...
eWeek

CloudFlare’s Keyless SSL Takes New Approach to Cloud Security

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...
Threat Post

Group Publishes Database of Embedded Private SSL Keys

A new project has produced a large and growing list of the private SSL keys that are hard-coded into many embedded devices, such as consumer home routers. The LittleBlackBox Project comprises a list ...
Ars Technica

mod_ssl keeps forgetting private key password?

openssl req -new -out server.csr -newkey rsa:2048 -keyout server.key Gave the CSR to our inhouse CA and got back a cert, saved as server.cer. Put all the relevant paths into httpd-ssl.conf: Code: ...
Dark Reading

Emergency SSL/TLS Patching Under Way

The race is on to fix SSL-based websites and software in the wake of a newly revealed and dangerous flaw in the popular OpenSSL library for encrypting HTTP traffic, with nearly one-third of major ...