Our goals at F5 NGINX include not only building great open source software that enables modern applications and Platforms Ops practices, but also making the technology world more secure. We take great pride in our security efforts, and also recognize that it takes a broader team to secure the technology fabric we all increasingly rely on in our daily lives. We are proud to announce our sponsorship of two of the open source projects that are crucial in securing technology across the globe – Let’s Encrypt and OpenSSL.
Let’s Encrypt
Let’s Encrypt has lowered the barrier to security by making it, quite literally, free to obtain and deploy digital certificates. More specifically, the mission of Let’s Encrypt is to create a more secure World Wide Web by promoting the widespread adoption of HTTPS. To do this, Let’s Encrypt runs the world’s largest certificate authority, securing more than 260 million websites and simplifying certificate management by automating many of the tedious manual steps, such as payment, web server config, email validation, and certificate renewal.
It is not an overstatement to say that Let’s Encrypt has been one of the major reasons why the rollout of TLS encryption has been so successful. We like Let’s Encrypt so much that we recommend it to our customers and have even built some recipes to automate the process of using Let’s Encrypt as a certificate authority with NGINX Ingress Controller and NGINX Service Mesh.
OpenSSL
OpenSSL is another unsung hero of global technology security. A small core team builds and maintains “a robust, commercial‑grade, and full‑featured toolkit” for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. OpenSSL publishes a free and open source cryptography library under a permissive Apache‑style license, as an alternative to proprietary cryptography libraries which can cost tens or hundreds of thousands of dollars per year. By removing this cost barrier, OpenSSL has enabled millions of organizations to implement stronger security than they could have otherwise.
Join Us in Supporting Open Source Software
NGINX believes that open source is the way and the future of global technology security. We in the open source community are all in this together. Encouraging the broader use of core foundational security benefits us all by reducing the attack surface of the global application infrastructure. The real heroes here, of course, are the project maintainers and contributors. They are selfless and awesome.
We hope that our support makes it easier for Let’s Encrypt and OpenSSL to do their important work. Please join us in supporting them – and other open source projects – in any way you can. If you know of other projects that deserve support, please let us know in the comments section.
About the Author
Related Blog Posts
Secure Your API Gateway with NGINX App Protect WAF
As monoliths move to microservices, applications are developed faster than ever. Speed is necessary to stay competitive and APIs sit at the front of these rapid modernization efforts. But the popularity of APIs for application modernization has significant implications for app security.
How Do I Choose? API Gateway vs. Ingress Controller vs. Service Mesh
When you need an API gateway in Kubernetes, how do you choose among API gateway vs. Ingress controller vs. service mesh? We guide you through the decision, with sample scenarios for north-south and east-west API traffic, plus use cases where an API gateway is the right tool.
Deploying NGINX as an API Gateway, Part 2: Protecting Backend Services
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.
New Joomla Exploit CVE-2015-8562
Read about the new zero day exploit in Joomla and see the NGINX configuration for how to apply a fix in NGINX or NGINX Plus.
Why Do I See “Welcome to nginx!” on My Favorite Website?
The ‘Welcome to NGINX!’ page is presented when NGINX web server software is installed on a computer but has not finished configuring