RECENT BLOG NEWS

So, what’s new at wolfSSL? Take a look below to check out the most recent news, or sign up to receive weekly email notifications containing the latest news from wolfSSL. wolfSSL also has a support-specific blog page dedicated to answering some of the more commonly received support questions.

wolfSSL 5.9.1 release blog

wolfSSL 5.9.1 is available with new features, post-quantum cryptography improvements, broad bug fixes, and a number of vulnerability fixes. Users are always recommended to stay up to date with wolfSSL releases. In this release, use cases that are affected by high severity reports are: PKCS7 with ORI callback set or AuthEnvelopedData with AES-GCM (–enable-pkcs7), ECDSA […]

Read MoreMore Tag

Migrating CRL Workflows from Bouncy Castle to wolfSSL JNI

If your Java stack currently uses Bouncy Castle for certificate tooling, moving CRL generation to wolfSSL’s JNI is straightforward once you map the flow correctly. wolfSSL JNI/JSSE uses wolfSSL’s native C crypto/TLS library, so projects can share one crypto implementation across Java and non-Java components. In environments that require validated cryptography, wolfSSL has significant experience […]

Read MoreMore Tag

Expanded CRL Support: Generating a CRL

wolfSSL has long provided solid CRL decode and validation support. This update builds on that foundation by adding CRL generation and signing capabilities, along with certificate extension helpers that improve revocation-aware certificate creation workflows. What is a CRL? A Certificate Revocation List (CRL) is a signed list published by a certificate authority (CA) that identifies […]

Read MoreMore Tag

New! wolfSSL Launches User-Space FIPS VPN Client in Rust

wolfSSL is excited to announce the release of its new user-space VPN client. This client is written entirely in Rust, leveraging the language’s safety and performance characteristics. The implementation is based on the popular open-source boringtun project. Crucially, this new client incorporates FIPS-validated cryptography through the use of the wolfGuard protocol. This solution ensures a […]

Read MoreMore Tag

wolfSSL’s OCSP and OCSP-Stapling Support

Sometimes, X.509 certificates need to be revoked. One way that can happen is via CRL (Certificate Revocation List), but that’s a topic for another time. Today we’ll focus on OCSP (Online Certificate Status Protocol). The OCSP protocol is designed to allow a client to send a real-time query to a certificate authority’s OCSP responder, which […]

Read MoreMore Tag

Keeping TLS 1.3 AES-GCM Session Keys Out of RAM

Secure Element Offload via Crypto Callbacks in wolfSSL Modern embedded and security-critical systems increasingly rely on Secure Elements, TPMs, and hardware cryptographic accelerators to protect private keys. In wolfSSL, asymmetric keys such as ECC private keys can already reside entirely inside hardware using Crypto Callbacks. Until now, however, TLS 1.3 AES-GCM session keys were still […]

Read MoreMore Tag

Simplified Networking: wolfIP Now Supports STM32CubeMX

Developing robust, secure networking for embedded systems just got a whole lot smoother. We are excited to announce that wolfIP now features official STM32CubeMX Pack support. Manual integration of networking stacks can be a headache, often requiring tedious porting and configuration. By introducing this CubePack, we’ve bridged the gap between the wolfIP stack and the […]

Read MoreMore Tag

TLS vs. SSH: When To Use Which (2026 Edition)

TLS and SSH are both widely used protocols for creating secure connections between two systems over an untrusted network. Although they share some fundamental goals, they are designed for different use cases. In this updated guide, we will explore when you should use which, along with a look at the latest developments in both protocols. […]

Read MoreMore Tag

Posts navigation

1 2 3 4 231 232 233

Weekly updates

Archives