Warning! This technology is obsolete!

Last Updated Fri, 3 May 2019 19:45:00 -0400


SSL stands for Secure Sockets Layer and was originally created by Netscape. It is used for providing confidentiality, authenticity and integrity by establishing an encrypted link between a server and a client. This link ensures that all data passed between the web server and browsers remain private and integral. SSLv2 and SSLv3 are the 2 versions of this protocol (SSLv1 was never publicly released). After SSLv3, SSL was renamed to TLS. Those protocols are standardized and described by RFCs.

Getting Started:

Are you a developer? Get started with crucial implementation details above.
Are you an IT administrator? Get started with best practice setup details above.
Are you a Manager? Get started with best practice setup details above.

More Useful Information:


  • POODLE : The attack that killed off SSLv3.0. POODLE allows an attacker to force a SSLv3 connection and use weak configuration to break security.
  • BEAST : A vulnerability that can be exploited using browsers (HTTPS). A client side attack whose possible impacts include session hijacking.
  • Logjam An easy to exploit vulnerability if weak configuration is used. This vulnerability affects all versions of SSL/TLS.
  • ROBOT A weakness in the RSA encryption standard known as PKCS#1v1.5 that can ultimately allow an attacker to learn a secured website’s private key in a relatively short amount of time. https://robotattack.org/