Today's Question:  What weekend projects have you created?        GIVE A SHOUT



  Resolving SVN error "Error validating server certificate for..."

When using SVN to connect secure server, the server needs to send its certificate to the client for verification. In some cases, the certificate sent by the server is not a trusted certificate, the client may choose to trust the certificate if the server is target server for sure.  But users may get "Error validating server certificate for 'https://...'" the next time when they try to connect to the same secure server even if they specified "p" the first time when they are prompted to accep...

2,413 1          SSL SVN SVN.SSL.SERVER

  Generate certificate with cRLDistributionPoints extension using OpenSSL

In an X509 certificate, the cRLDistributionPoints extension provides a mechanism for the certificate validator to retrieve a CRL(Certificate Revocation List) which can be used to verify whether the given certificate is revoked.   A cRLDistributionPoints extension can contain one or more DistributionPoints where the CRL can be retrieved from. Each DistributionPoint consists of three fields,each of which is optional: distributionPoint : it contains either a SEQUENCE of general...


  Get Facebook, Twitter and YouTube back

Facebook, Twitter and YouTube have become part of many people's daily network life. People hang around these sites to network with known and unknown friends, to know about the latest news and to relax with fancy video clips. But what will you feel if all of a sudden you cannot access them? Want to experience this? Go behind the GFW(Great Firewall) of China. Just a joke, but it's real. Huh, you are out of China? Don't worry. Change your DNS server to those located in China. I just experienced it,...


  Generate certificate in Java -- Store certificate in KeyStore

In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...


  A completely new approach to surveillance - should you be worried?

Paranoia is not necessarily a bad thing - assuming someone is really out there to get you. True or not, the paranoid have had issues they need to control explode as the internet developed, they also got specific tools to make their secrets (or their life, not everybody has a dark secret) more secure and under control. Unfortunately to them, and to the amazement of science and science fiction fans worldwide, a new way of obtaining secrets has appeared and it’s something very few expected. ...

2,290 0          SECURITY

  Generate certificate in Java -- Self signed certificate

This is the first post in this series which I will show you how to generate SSL certificate in Java programmatically. Certificates are frequently used in SSL communication which requires the authentication of server to client. This is to make the client to trust that the server is actually the one it claims. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present their certificates signed by trusted CAs. The basic flow of a requ...

23,656 14          JAVA CERTIFICATE X509

  Mozilla releases a web identity system : Persona

Now almost every website requires the user to register, there are many benefits of registration for a website, such as retaining users, accommodating discussions, providing customized content and so on.But there is too much trouble if each site requires registration, right?Of course, users can also have their own way, for those less important sites, for example, using a unified user name, password and email so that you only need to remember one account. Then, we also see some advanced methods em...


  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...