Bulletproof SSL and TLS has been released!

It gives me great pleasure to announce that my book, Bulletproof SSL and
, has now been officially released. Writing it took me more than two years
(I started in May 2012, believe it or not), during which I spent the
equivalent of about 7 months of full time work.

The end result is about 528 pages of text (in print; 513 in the version
optimised for screen reading) spread across 16 chapters. The book is a
complete package with an introduction to cryptography, SSL, TLS, and PKI,
followed by a complete coverage of the current problems with the
protocols as well as the entire ecosystem, and a ton of practical advice for
configuration and performance tuning. OpenSSL is well covered with two
chapters, and there’s a chapter for each of Apache, Java and Tomcat, Microsoft
and IIS, and Nginx.

During July I went through the entire book to update and refresh the
earlier chapters. I extended the OpenSSL chapter with a
section on running private certification authorities. The Apache and Nginx
chapters were extended to include client certificate authentication. Apache
2.4.10 introduced some changes to how it handles SNI and, naturally, I
needed to include that in the book, too. I added Preface to the
beginning and Summary to the end. Finally, I added the index, without which
the print edition wouldn’t be complete.

If you purchased the early access edition since we had announced it in
February, now is a good time to go back to the Feisty Duck web
and download the final files. (Final for now, that is.) If you purchased the
paper version, your book is currently being printed and will be shipped to
you soon.

For more information about Bulletproof SSL and TLS, please visit the Feisty Duck web