Today's Question:  What weekend projects have you created?        GIVE A SHOUT



  Difference between keystore and truststore

Security has become a vital concern in most of the online transactions nowadays. Lots of the world's most popular websites have adopted security protocols to transfer data, especially sensitive data. These security protocols including SSL/TLS which are using the private/public key exchange mechanism to establish secure connections.  The private/public key cryptography is a really important invention and it allows data to be transferred securely and solves the big problem of transferrin...


  Resolving SVN error "Error validating server certificate for..."

When using SVN to connect secure server, the server needs to send its certificate to the client for verification. In some cases, the certificate sent by the server is not a trusted certificate, the client may choose to trust the certificate if the server is target server for sure.  But users may get "Error validating server certificate for 'https://...'" the next time when they try to connect to the same secure server even if they specified "p" the first time when they are prompted to accep...

2,118 1 0          SSL SVN SVN.SSL.SERVER

  Resolving error "SSL certificate problem: self signed certificate in certificate chain"

In a PHP application, cURL is frequently used to make connection to remote server to request some resource. It can be used to transfer data with different protocols such as HTTP, HTTPS, FTP etc. While using cURL in PHP, someone may get an error with message similar to "SSL certificate problem: self signed certificate in certificate chain". This may happen when cURL tries to make a SSL connection server and the server returns a server certificate which is self-signed and it's not trusted by the c...

3,448 1 0          PHP SSL CURL TWILIO

  A HTTPS client and HTTPS server demo in Java

In this post, I will create a HTTPS server and HTTPS client demo which can establish HTTPS communication between a server and a client using Java. This should be very useful when we want to test our understanding about SSL communication. We will use both a detailed SSL client and a simple HttpsURLConnection as the HTTPS client. Before creating the actual HTTPS server and HTTPS client, we first need to generate the keystore and truststore to be used by the server and client. To generate the keyst...

19,436 1 2          JAVA SSL DEMO HTTPS

  Severe SSL 3.0 vulnerability to be released

According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. Until now, it's still in patch phase and the details of this vulnerability is expected to be released today. There are a few widely impacted security vulnerabilities revealed this year and they bring people's attention to the long existing security concerns. Previously, we have seen the HeartBleed issue and also the recently ShellShock issue. Both of them occur in popular libraries...


  Three Simple Ways to Improve the Security of Your Web App

It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the comments! Pro...


  SSL in PHP for WAMP

Sometimes when we need to use email service provided by WAMP, we need to use some remote mail server such as Gmail. In Gmail, if we want to use the SMTP server to send email and want to use port 465, then the SSL connection should be setup. But by default in WAMP, the ssl is not usable. So to allow use SSL, what we should do is go to system tray and click PHP->PHP Extensions->php_openssl. Then now you can use Gmail to send email easily....

38,318 1 0          PHP EMAIL GMAIL SSL WAMP SMTP