Solved

Is OpenSSL used in Windows 2008 R2

Posted on 2014-04-14
5
6,738 Views
Last Modified: 2014-04-14
Does Windows 2008 R2 & IIS that comes with it
use OpenSSL at all?

Or generally people will buy certs & use 3rd party
SSL ?
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 70 total points
ID: 39998619
Openssl is a linux machanism. Windows doesnt use it.
0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 130 total points
ID: 39998632
@Patricksr1972: you mean it's not installed by default.

No one is preventing you from installing and using OpenSSL in a Windows environment.
http://gnuwin32.sourceforge.net/packages/openssl.htm

HTH,
Dan
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39998642
@Dan Craciun, i stand corrected, yes it is what i mean...
0
 
LVL 53

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 80 total points
ID: 39998703
If you are talking about issues with the heartbleed bug, Microsoft servers are generally good because MS uses it's own.  If you use a panel like plesk, that does use open ssl but I know at least plesk 11.5 for windows is does not use the affected version of OpenSSL.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 120 total points
ID: 39998731
Indeed. IIS uses SChannel, as does all commercial Microsoft software.

Many third party products use the ssl dlls, but most are still using 1.0 or earlier, use of the "leading edge" version is the exception not the rule.

search windows for libeay32.dll

if the properties of the file say it isn't running 1.0.1, then its not an issue - 1.0.0 and earlier is fine.  If it is there, and is running 1.0.1, then you will need to identify what code uses it.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question