From October 7 to 9, 2025, Prague hosted the very first OpenSSL Conference, dedicated to the OpenSSL ecosystem, cryptography and communications security. As CEO of FIDELILIUM, I had the privilege of attending alongside experts from around the world. Notably, French participants represented barely 1.6% of attendees — a rarity underscoring the importance of our presence in international technical circles.

The conference offered a dense programme exploring advanced OpenSSL uses in critical contexts, from TLS encryption to X.509 certificates, smart cards and Active Directory environments.

Standout talk: Darryl G. Baker — Attacking and Defending Active Directory with OpenSSL: TLS, Certs, and Smartcard Chaos.

Active Directory is at the heart of many organisations' infrastructure, relying on LDAPS, PKINIT and X.509 certificates. Yet these mechanisms are often misconfigured, opening the door to sophisticated attacks.

Key learnings:
OpenSSL is a powerful tool for pentesters and defenders — not just developers.
It enables auditing trust chains, detecting malicious certificates, and probing LDAPS services in real time.
Smart cards used for Kerberos can be hijacked if certificates are not properly verified.
Poor certificate management can compromise an entire AD environment.

At FIDELILIUM, this conference strengthened our approach to securing Microsoft environments including Active Directory. Mastery of cryptographic fundamentals is essential to anticipate threats and build resilient architectures.

Cybersecurity rests on a deep understanding of protocols, certificates and system interactions.
Contact us to learn more about securing Active Directory or advanced OpenSSL usage!