Issues and Fixes
May 1, 2014

OpenSSL and Heartbleed clarification in Sahi Pro

One of our support requests asked about the version of openssl used in Sahi Pro. Since it may be of concern to others, here is some more information related to use of openssl in Sahi Pro.

The version of openssl is :
OpenSSL 0.9.8h 28 May 2008

OpenSSL 0.9.8h did not have the heartbleed bug. ("OpenSSL 0.9.8 branch is NOT vulnerable" from http://heartbleed.com/)

In Sahi, Openssl is only used to generate a signed certificate with Sahi's CA certificate (also created via openssl).All other HTTPS communication between browser proxy and server are done via Java's built-in SSL implementation.

Sahi does not add its version of openssl into the system path, so it should not affect the rest of your system/application.

Continue reading

Someone Call Bug Control

Tip of the Day 1

What's Bugging You Today