SEARCH KEYWORD -- SSL CERTIFICATE
OpenLDAP Proxy -- Tricks and tips
Just like other software configuration, there would be issues encountered during the OpenLDAP proxy setup process. In this post, we would try to summarize some of the tricks and tips for OpenLDAP proxy setup. OpenLDAP Version We would always recommend that you install the latest version of the OpenLDAP because they contain the latest features, bug fixes and security patches. You should always refer to the latest release notes for new changes. In case you have used an earlier version of Open...
SSL,AUTHENTICATION,OPENLDAP,OPENLDAP PROXY,ATTRIBUTE MAPPING,OVERLAY 2017-11-04 04:29:38
All I Know About Certificates -- Certificate Authority
One of the crucial steps in the TLS handshake is for the server to prove its identity to the client. While there is plenty of content explaining the principles of the handshake, there's less information about certificates, which are a critical component of TLS/SSL. This series of articles aim to explain what certificates are used for, how Google prevents others from impersonating Google, and why certificate issues frequently arise, among other topics. (Postscript: It took me a full 10 hours to w...
CLIENTS,WEBSITE,CERTIFICATE,SSL CERTIFICATE 2024-07-26 22:22:28
Generate certificate in Java -- Store certificate in KeyStore
In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...
Java,Certificate chain,Keystore 2014-08-20 03:56:39
HeartBleed: OpenBSD now starts to clean up OpenSSL
Since the disclosure of HeartBleed bug in OpenSSL, some arguments emerge around the safety of OpenSSL, the largest open source SSL/TLS library used by large number of servers, applications. Some people are even starting to create their own version of SSL library. This includes OpenBSD, a famous Unix like open source operating system. Just a few days after the HeartBleed bug, OpenBSD forked a new branch of OpenSSL and started to clean up the forked branch and plans to merge it to its own cod...
HeartBleed,OpenBSD 2014-04-15 04:21:26
Using keytool to create certificate chain
JDK provides a command line tool -- keytool to handle key and certificate generation. This tool has a set of options which can be used to generate keys, create certificates, import keys, install certificate and export certificates etc. In this tutorial, we will show how to create certificate chain using keytool. If you want to understand how to create certificate chain programmably, please refer to Generate certificate in Java -- Certificate chain. To begin, we first generate a key pair whi...
JAVA,KEYTOOL,CERTIFICATE CHAIN,CERTIFICATE 2015-12-17 07:09:33
Goodbye Manual Processes, Hello Automation Certificate Lifecycle Management Like It’s Supposed to Be
At the heart of every story lies a villain and a hero. In the never-ending story of certificate lifecycle management, there’s no bigger villain than manual effort. Destructive, irrepressible, and risk-laden, this villain causes nothing but mayhem and loss. Automation, the hero, is the complete opposite of manual effort. Proactive, solution-oriented, and breach-proof, this hero deserves recognition, allegiance, and attention, yet they get none of that from a majority of today’s organi...
DATA SECURITY,CERTIFICATE 2023-06-20 08:10:02
Different types of keystore in Java -- JKS
JKS is Java Keystore, a proprietary keystore type designed for Java. It can be used to store private keys and certificates used for SSL communication, it cannot store secret keys however. The keytool shipped with JDKs cannot extract private keys stored on JKS. This type of keystore usually has an extension of jks. Next we will show how to operate the JKS keystore with pure Java code. Create JKS keystore The simplest method to create a JKS keystore to create an empty keystore. We can first get an...
Different types of keystore in Java -- PKCS12
PKCS12 is an active file format for storing cryptography objects as a single file. It can be used to store secret key, private key and certificate.It is a standardized format published by RSA Laboratories which means it can be used not only in Java but also in other libraries in C, C++ or C# etc. This file format is frequently used to import and export entries from or to other keystore types. Next we will explain the operations which can be performed on PKCS12 keystore. Create PKCS12 keystore Be...
A HTTPS client and HTTPS server demo in Java
In this post, I will create a HTTPS server and HTTPS client demo which can establish HTTPS communication between a server and a client using Java. This should be very useful when we want to test our understanding about SSL communication. We will use both a detailed SSL client and a simple HttpsURLConnection as the HTTPS client. Before creating the actual HTTPS server and HTTPS client, we first need to generate the keystore and truststore to be used by the server and client. To generate the keyst...
Generating CSR using Java
A CSR(Certificate Signing Request) is a kind of request generated by an application and is to be sent to a Certificate Authority to create a signed certificate which can be distributed. It usually contains certificate information such as subject name, public key info and signature info. In Java, keytool can be used to generate a certificate request with option -certreq. But sometimes if an application wants to create a CSR programmatically, keytool will not do a favor, instead you should u...
JAVA,SECURITY,CSR,CERTIFICATE REQUEST 2016-05-25 04:49:17
RECENT
- Fix Surface Keyboard not Working Issue
- Python Process Protection Watchdog
- The Strange Behavior of the void Type in TypeScript
- MySQL Index Merge Optimization Practices
- Applying Large Language Models (LLMs) to Solve Cybersecurity Questions
- Everyone Can Write Tech Blogs
- Python SSH Connection Tools
- Revolutionize Your Event Planning with Interactive Presentation Templates
- New Unreal Engine 5 and Nvidia Technology in Black Myth: Wukong
- 10-32 rack screws
- more>>
