[openssl-dev] [openssl.org #4327] SSL_CTX_use_serverinfo_file() causes issues for SSL_CTX with multiple certs

2016-02-20 Thread TJ Saunders via RT
When the SSL_CTX_use_serverinfo_file() function is used to configure custom TLS extension data (e.g. for SCT data), AND the SSL_CTX in question is configured for multiple server certificates, the SSL/TLS handshake can fail unexpectedly, and will not return the configured TLS extension data

[openssl-dev] [openssl.org #4205] Improve the default TLS session ticket key

2015-12-26 Thread TJ Saunders via RT
The default TLS session ticket key used by OpenSSL uses AES128-CBC-SHA256; considering the security offered by newer ciphersuites, the TLS session ticket key algorithm should be updated/improved, at least to AES256-CBC-SHA256. See: https://github.com/openssl/openssl/issues/514 Cheers, TJ

[openssl.org #268] Very minor documentation patch

2002-09-04 Thread TJ Saunders via RT
In the doc/openssl.txt document in openssl-0.9.7beta2, there is a very minor mistake in an example subjectAltName line in the config file: --- openssl.txt Tue Sep 19 17:50:25 2000 +++ /home/tj/openssl.txtSun Sep 1 22:08:10 2002 @@ -344,7 +344,7 @@ Examples:
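Review bot: The file headers name the old file as a bare `openssl.txt` and the new file as an absolute path under `/home/tj/`, so the patch cannot be applied from the top of the source tree without editing the headers. Regenerating the diff from the tree root, so that both headers read `doc/openssl.txt` (the path the message itself gives), would let it apply as posted.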