Refer this blog to get a basic understanding of using self-signed SSL certificates on your Apache server. Also, the above link will help you in generating a private key and a CSR (Certificate Signing Request), which contains information about your country, locality, company, your public key, etc.; for your server. For commercial...
DROWN is an abbreviation for Decrypting RSA with Obsolete and Weakened encryption and is seems to be applicable on servers using SSLV2. Just like Heartbleed, it may impact more than 11 million websites using OpenSSL.This blog explains Preventing cryptographic protocols from "DROWN attack". What this vulnerability can do? DROWN...