Threat Post

OpenSSL Patches Critical Certificate Validation Vulnerability

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
Ars Technica

Help! openssl self-signed self-issued certificate SNAFU!

Last night, I decided to up the ante and "upgrade" my perfectly working self-signed self-issued SSL certificate from valid for 365 days and (default RSA?) 1024-bit to valid for 4096 days and RSA ...