{"id":21567,"date":"2014-04-14T12:10:45","date_gmt":"2014-04-14T10:10:45","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=21567"},"modified":"2014-04-14T12:10:45","modified_gmt":"2014-04-14T10:10:45","slug":"ssl-labs-deploying-forward-secrecy","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2014\/04\/14\/ssl-labs-deploying-forward-secrecy\/","title":{"rendered":"SSL Labs: Deploying Forward Secrecy"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p><a href=\"https:\/\/community.qualys.com\/blogs\/securitylabs\/2013\/06\/25\/ssl-labs-deploying-forward-secrecy\">SSL Labs: Deploying Forward Secrecy<\/a><\/p>\n<blockquote><p>With revelations about mass surveillance in the news everywhere, an obscure feature of SSL\/TLS called\u00a0<em>Forward Secrecy<\/em>\u00a0has suddenly become very interesting. So what is it, and why is it so interesting now?<\/p><\/blockquote>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>SSL Labs: Deploying Forward Secrecy With revelations about mass surveillance in the news everywhere, an obscure feature of SSL\/TLS called\u00a0Forward Secrecy\u00a0has suddenly become very interesting. So what is it, and why is it so interesting now?<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"link","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,62,1334],"tags":[200],"keyring_services":[],"class_list":["post-21567","post","type-post","status-publish","format-link","hentry","category-general","category-technology","category-web-work","tag-security","post_format-post-format-link"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":21494,"url":"https:\/\/mamchenkov.net\/wordpress\/2014\/04\/10\/qualys-ssl-labs-ssl-server-test\/","url_meta":{"origin":21567,"position":0},"title":"Qualys SSL Labs : SSL Server Test","author":"Leonid Mamchenkov","date":"April 10, 2014","format":"link","excerpt":"Qualys SSL Labs : SSL Server Test This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":27287,"url":"https:\/\/mamchenkov.net\/wordpress\/2017\/02\/01\/dissecting-an-ssl-certificate\/","url_meta":{"origin":21567,"position":1},"title":"Dissecting an SSL certificate","author":"Leonid Mamchenkov","date":"February 1, 2017","format":false,"excerpt":"Julia Evans does it again. \u00a0If you ever wanted to understand SSL certificates, her post \"Dissecting an SSL certificate\" is for you. \u00a0 This part made me smile: Picking the right settings for your SSL certificates and SSL configuration on your webserver is confusing. As far as I understand it\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":26999,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/11\/28\/s3-static-site-with-ssl\/","url_meta":{"origin":21567,"position":2},"title":"S3 static site with SSL","author":"Leonid Mamchenkov","date":"November 28, 2016","format":false,"excerpt":"\"S3 static site with SSL and automatic deploys using Travis\" is a goldmine of all those simple technologies tied into a single knot for an impressive result. \u00a0It has a bit of everything: Jekyll - simple, blog-aware, static sites engine, for managing content. GitHub - for version control of the\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"s3-static-site","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2016\/11\/s3-static-site-479x500.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":25977,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/03\/29\/cipherli-st-strong-ciphers-for-apache-nginx-and-lighttpd\/","url_meta":{"origin":21567,"position":3},"title":"Cipherli.st &#8211; strong ciphers for Apache, Nginx and Lighttpd","author":"Leonid Mamchenkov","date":"March 29, 2016","format":false,"excerpt":"Cipherli.st - provides ready to use cipher configurations for a variety of applications, such as Apache, Nginx, Lighttpd, HAProxy, Exim, Postfix, Dovecot, OpenSSH, and others. \u00a0This is a huge time-saver for those of us not well versed in cryptography and security. Don't forget to use Qyalis SSL Labs SSL Server\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":39409,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/03\/20\/htrace-sh-http-https-troubleshooting-and-profiling-tool\/","url_meta":{"origin":21567,"position":4},"title":"htrace.sh &#8211; HTTP\/HTTPS troubleshooting and profiling tool","author":"Leonid Mamchenkov","date":"March 20, 2019","format":false,"excerpt":"htrace.sh is a handy command-line tool for HTTP\/HTTPS troubleshooting and profiling. It also integrates with a number of other security tools, like nmap, SSL Labs, subfinder, etc.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/htrace.sh_preview.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/htrace.sh_preview.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/htrace.sh_preview.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2019\/03\/htrace.sh_preview.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":26208,"url":"https:\/\/mamchenkov.net\/wordpress\/2016\/06\/27\/lets-encrypt-on-centos-7-and-amazon-ami\/","url_meta":{"origin":21567,"position":5},"title":"Let&#8217;s Encrypt on CentOS 7 and Amazon AMI","author":"Leonid Mamchenkov","date":"June 27, 2016","format":false,"excerpt":"The last few weeks were super busy at work, so I accidentally let a few SSL certificates expire. \u00a0Renewing them is always annoying and time consuming, so I was pushing it until the last minute, and then some. Instead of going the usual way for the renewal, I decided to\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/21567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=21567"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/21567\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=21567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=21567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=21567"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=21567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}