* [[https://blog.lxsang.me/post/id/31|test all cipher suites supported by openssl against the server]]
  * [[http://nginx.org/en/docs/http/configuring_https_servers.html|choose ciphers nginx will use]]
  * listen to traffic on interface eth0 on port 443: ''sudo ssldump -i eth0 port 443''
  * convert pem to crt: ''openssl x509 -outform der -in your-cert.pem -out your-cert.crt''

===== LibreSSL =====
LibreSSL was forked by OpenBSD as a reaction to heartbleed. Fork happened at v1.0.2g. Seems to have less developers but used by OpenBSD and maybe Windows as well? Source code appears to be a drop-in replacement for OpenSSL 1.0.2g. After that the two have branched away from each other.