Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Is OpenSSL used in Windows 2008 R2

Posted on 2014-04-14
5
Medium Priority
?
7,743 Views
Last Modified: 2014-04-14
Does Windows 2008 R2 & IIS that comes with it
use OpenSSL at all?

Or generally people will buy certs & use 3rd party
SSL ?
0
Comment
Question by:sunhux
5 Comments
 
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 280 total points
ID: 39998619
Openssl is a linux machanism. Windows doesnt use it.
0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 520 total points
ID: 39998632
@Patricksr1972: you mean it's not installed by default.

No one is preventing you from installing and using OpenSSL in a Windows environment.
http://gnuwin32.sourceforge.net/packages/openssl.htm

HTH,
Dan
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39998642
@Dan Craciun, i stand corrected, yes it is what i mean...
0
 
LVL 54

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 320 total points
ID: 39998703
If you are talking about issues with the heartbleed bug, Microsoft servers are generally good because MS uses it's own.  If you use a panel like plesk, that does use open ssl but I know at least plesk 11.5 for windows is does not use the affected version of OpenSSL.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 480 total points
ID: 39998731
Indeed. IIS uses SChannel, as does all commercial Microsoft software.

Many third party products use the ssl dlls, but most are still using 1.0 or earlier, use of the "leading edge" version is the exception not the rule.

search windows for libeay32.dll

if the properties of the file say it isn't running 1.0.1, then its not an issue - 1.0.0 and earlier is fine.  If it is there, and is running 1.0.1, then you will need to identify what code uses it.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question