Network Security with OpenSSL: Cryptography for Secure Communications
$12.64 Save:$27.00(68%)
Available in stock
Description
Price: $39.95 - $12.64
(as of Jul 10, 2024 02:24:31 UTC – Details)
Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols. Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included. OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.
ASIN : 059600270X
Publisher : O’Reilly Media; 1st edition (July 23, 2002)
Language : English
Paperback : 384 pages
ISBN-10 : 9780596002701
ISBN-13 : 978-0596002701
Item Weight : 1.12 pounds
Dimensions : 7 x 0.9 x 9.19 inches
Customers say
Customers find the book’s documentation well-explained and useful. They also say the content is very helpful.
AI-generated from the text of customer reviews
bzy –
An essential introduction and reference for OpenSSL programming
Let’s get this out of the way: if you’re starting a new project and you need a SSL library, then OpenSSL is *not* the library you are looking for. The library documentation, and the API, are so confusing as to make one’s eyes bleed. Confusing and often-undocumented default settings for an armada of parameters, and entirely missing documentation for certain important features, makes it too easy to achieve “security” with massive holes, and makes it too difficult to implement security according to accepted best practices. Speaking as someone who has used OpenSSL – you have better choices.That said, if you *must* use OpenSSL for some reason or other, then this book is the missing user manual that the library so desperately needs. It does a good job explaining the library APIs, both libssl and libcrypto, and additionally provides worked examples of common implementation tasks. It explains things well enough that, once you’ve read through it and rewritten the examples on your own, the library begins to make some sort of *sense* – if such a thing is really possible – and, if you combine this book with the library docs (which will now be less confusing) and the source for the OpenSSL command-line tools (which will now even be *legible*!), you now stand a chance of successfully building something useful.There is an important caveat: this book was written for a much earlier version of OpenSSL, and thus certain important features are referred to by the book as “not yet available” or are simply not mentioned. That said, this will be less of an obstacle once you reach the point when the library begins to make its own strange sort of sense.If your project requires OpenSSL, and there’s really no way around it, then get this book. It will save you *months* of fruitlessly spinning your wheels, and it will get you on track.
John H –
Excellent book on OpenSSL
As a software developer writing both client and server based SSL code, this book helped a lot. There are a lot of details that are missing from the OpenSSL documentation that are covered in this book.I am hoping that the author will publish a new version to cover the 1.0 release.Very easy read for an experienced C/C++ developer with a number of code examples.I give this book an 8+ and is a permanent part of my coding library.
Ad Lagendijk –
Very useful book
Without people realizing it the majority of SSL enabled websites worldwide are using the OpenSSl library (through the Apache web server). Only large companies like Microsoft can afford to develop their own proprietary implementation of SSL.The SSL library is C-library easily compiled as C++, and ported to PHP, PERL and JAVA etc.It can be as has been compiled under Windows, Mac and Linux. OpenSSL is even shipped with Mac and Linux.The OpenSSL package basically consists of two parts (i) the SSL part and (ii) the cryptographic library.Given the large cross-platform functionality it should not come as a surprise that the souce code documentation is not always up to date.This book is a welcome guide to OpenSSL. I guess that the vast majority of programmers developing secure programs use OpenSSL, either directly or indirectly. Without the book one has to continuously search on the Internet for code examples.In this book all aspects of OpenSSL programming are illustrated with real life C examples. I have downloaded the source code of quite a number and I found them extremely helpful.The OpenSSL package has also a number of utilities that can be run from the command line. This books describes it and gives some real examples. I have tried them all successfully.The book describes SSL/TLS programming, symmetric encryption (low-level and intermediate level), Hashes/MACS, and Public Key cryptography.I think reading this book, together withÂ
Jeffrey Z. Wolf –
Happy with my purchase
I purchased this book in an effort to quickly get up speed with creating self-signed certificates for both client and server. I was able to use examples in this book to do so. I found the examples I needed, executed them as specified in the book and was able to create working self-signed certificates. So for the usage model that I had for this book, it delivered.
Kevin J. Schmidt –
The only SSL book you’ll need..
My title says it all. If you are a programmer who needs to use OpenSSL in a custom client/server application, then get this book. The code examples and corresponding text make perfect sense. The authors also go to great trouble to make sure you know the correct way in which to use the OpenSSL package. The book also covers using the openssl command-line utility. If you’ve ever pulled your hair out trying to understand how to use OpenSSL or have read the VERY incomplete documentation, then buy this book and have all your questions answered.
hqnguyen52 –
Five Stars
Good source of info about security.
Binary Buddha –
Needs to be updated
It’s a good “basic” book. But, it’s kind of out-of-date in this day and age.
jimr –
Three Stars
Too in depth for me, but if SSL is something you MUST know about, this book will help you.
Peluche –
… puedes leer temas basicos como la funcion de las emisoras de certificados, te dice como instalar tu propio server. Aunque algunas apis ya estan obsoletas, no he encontrado otro libro mas nuevo….
S Daly –
If you’ve worked with openssl before, you’ll know the APIs are a pig to use. Mainly because the functions have such short names, the documentation is pretty bare and there’s a lack of examples. It’s easy to get things wrong.Some APIs mentioned in the book are deprecated, but in general most of the background info is still sound. If you need to use openssl then it’s definitely worth a read.I spent a day trying to work out how to DER encode an RSA key, and within minutes of owning this book I found a one liner example with the code to do it. The info around the openssl error queue mechanism is especially useful.
Francesco –
Buon testo. Venditore serio.
Amazon Customer –
My son has used the book to complete a project and he was very happy to find the right answers and details that would have been much more difficult and lengthy to find searching on the Internet.
h3nky –
This book explains detail on how to use OpenSSL to write application with SSL.