HOB-SSL – The Alternative to OpenSSL

Why mod_hob_ssl is superior to mod_ssl:

mod_hob_ssl is a proprietary, closed source SSL, meaning it cannot be examined by hackers looking for security gaps.

mod_hob_ssl is also certified in accordance with the Common Criteria EAL 4+, the highest security rating available for a commercial, pure software solution.

The random number generator (seed generation) in mod_hob_ssl was developed with the utmost care and provides an entropy of at least 50 bits (= more than 100 million possible combinations). This random number generator was also certified in accordance with the Common Criteria EAL 4+.

HOB provides highly qualified technical support in the event a customer has questions regarding the proper use of mod_hob_ssl. Such dedicated support cannot be found for OpenSSL.

HOB has strict guidelines for dealing with any eventual security flaws: The customer will be informed and will promptly receive a patch.

The configuration tool (Security Manager) is more user-friendly than text-based configuration files found in other SSL solutions.

mod_hob_ssl has no unnecessary features, which present an opportunity of attack (such as Heartbeat in OpenSSL, which led to the Heartbleed vulnerability).

HOB has a conservative security model, with greater focus on security itself. For example, with one of the most recent security gaps discovered in OpenSSL (CVE 2016-0701) – a private exponent for the Diffie-Hellman key exchange was, in certain cases, reused. This gap has now been exploited in an attack:


At HOB, the utmost care is taken to prevent such vulnerabilities.

Read more: HOBLink Secure for Apache


11.03.16 JR