ALL
OpenLDAP Proxy -- Tricks and tips
Just like other software configuration, there would be issues encountered during the OpenLDAP proxy setup process. In this post, we would try to summarize some of the tricks and tips for OpenLDAP proxy setup.OpenLDAP VersionWe would always recommend that you install the latest version of the OpenLDAP because they contain the latest features, bug fixes and security patches. You should always refer to the latest release notes for new changes. In case you have used an earlier version of OpenLDAP and encountered some bizarre behavior, please try to update to the latest OpenLDAP version first....
12,778 0 SSL AUTHENTICATION OPENLDAP OPENLDAP PROXY ATTRIBUTE MAPPING OVERLAY
Difference between keystore and truststore
Security has become a vital concern in most of the online transactions nowadays. Lots of the world's most popular websites have adopted security protocols to transfer data, especially sensitive data. These security protocols including SSL/TLS which are using the private/public key exchange mechanism to establish secure connections. The private/public key cryptography is a really important invention and it allows data to be transferred securely and solves the big problem of transferring symmetric key securely over Internet at the same time. Because of this characteristic, private...
7,303 0 SECURITY SSL KEYSTORE TRUSTSTORE
Resolving SVN error "Error validating server certificate for..."
When using SVN to connect secure server, the server needs to send its certificate to the client for verification. In some cases, the certificate sent by the server is not a trusted certificate, the client may choose to trust the certificate if the server is target server for sure. But users may get "Error validating server certificate for 'https://...'" the next time when they try to connect to the same secure server even if they specified "p" the first time when they are prompted to accept the server certificate.Error validating server certificate for 'https://example.com': - The certifi...
21,171 2 SSL SVN SVN.SSL.SERVER
Resolving error "SSL certificate problem: self signed certificate in certificate chain"
In a PHP application, cURL is frequently used to make connection to remote server to request some resource. It can be used to transfer data with different protocols such as HTTP, HTTPS, FTP etc.While using cURL in PHP, someone may get an error with message similar to "SSL certificate problem: self signed certificate in certificate chain".This may happen when cURL tries to make a SSL connection server and the server returns a server certificate which is self-signed and it's not trusted by the client(in the client CA store). In this case, you may need to follow below steps to resolve this issue....
A HTTPS client and HTTPS server demo in Java
In this post, I will create a HTTPS server and HTTPS client demo which can establish HTTPS communication between a server and a client using Java. This should be very useful when we want to test our understanding about SSL communication. We will use both a detailed SSL client and a simple HttpsURLConnection as the HTTPS client.Before creating the actual HTTPS server and HTTPS client, we first need to generate the keystore and truststore to be used by the server and client. To generate the keystore, we can follow instructions at Different types of keystore in Java -- JKS. In this demo, we ...
Severe SSL 3.0 vulnerability to be released
According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. Until now, it's still in patch phase and the details of this vulnerability is expected to be released today.There are a few widely impacted security vulnerabilities revealed this year and they bring people's attention to the long existing security concerns. Previously, we have seen the HeartBleed issue and also the recently ShellShock issue. Both of them occur in popular libraries or frameworks. The HeartBleed issue happens in OpenSSL and the ShellShcok issue happens in bash shel...
5,995 0 SSL SECURITY VULNERABILITY THE REGISTER
Three Simple Ways to Improve the Security of Your Web App
It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the comments!Prologue: SSLYour app already forces all traffic over SSL, right? If it doesn’t, it should. T...
3,643 0 SECURITY SSL WEB APP X-FRAME-OPTIONS
SSL in PHP for WAMP
Sometimes when we need to use email service provided by WAMP, we need to use some remote mail server such as Gmail. In Gmail, if we want to use the SMTP server to send email and want to use port 465, then the SSL connection should be setup. But by default in WAMP, the ssl is not usable. So to allow use SSL, what we should do is go to system tray and click PHP->PHP Extensions->php_openssl. Then now you can use Gmail to send email easily....