Safer connections with your 1A-server

Companies with a 1A IT environment enjoy all the benefits that this solution entails. For example, connections can be made from the outside world to the different services, just as with the cloud. It is of course important that these connections are as safe as possible. Therefore, recently a major security upgrade has been conducted.

With this upgrade, the OpenSSL system library and a number of services have been updated.

What is OpenSSL?

OpenSSL is an open source implementation of the SSL/TLS protocol which ensures that communication taking place between systems is encrypted.

Why upgrade?

Several problems have been discovered in the older SSL protocols, making these unsafe to use. The previous version of OpenSSL only supported the v1.0 family. As more and more client software no longer accepts SSL and supports TLS, the time cane to also support the latest TLS versions on the 1A-server.

What do we use it for?

If you build a piece of software, you do not have to reinvent the wheel: you can use calls to software libraries (on Windows: DLLs). OpenSSL is such a library.

Examples of software on the 1A-server using OpenSSL: OpenLDAP (users and groups), Samba (shares), MariaDB (databases), Apache and PHP (Webindex), Squid (web proxy), FreeRADIUS (wifi authentication) and Zarafa (groupware).

When building the software, links to the used libraries are added. The software on the 1A-server which uses OpenSSL still works fine with the older version, but to enable support for the new TLS versions, each relevant package must be rebuilt with the new OpenSSL version. This causes upgrading only OpenSSL to be insufficient.

More information on OpenSSL and SSL / TLS is available at Wikipedia:


Richard de Vroede

A perfectionistic Jack-of-all-trades who dedicates all of his passion to his work.