Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- SSL

  OpenLDAP Proxy -- Installation and configuration

After understanding what the configuration would be for an OpenLDAP proxy, it's time to explain the installation of OpenLDAP proxy and how to make it run. In this post, we will cover how to install OpenLDAP proxy both locally and using docker. Local installation The installation is quite easy, there are a few packages to be installed including the ldap server, ldap client and some utilities. Below steps are for CentOS, the instructions for other platforms should be similar with minor differ...

   INSTALLATION,CENTOS,DOCKER,OPENLDAP,OPENLDAP PROXY     2017-11-03 20:26:41

  Goodbye Manual Processes, Hello Automation Certificate Lifecycle Management Like It’s Supposed to Be

At the heart of every story lies a villain and a hero. In the never-ending story of certificate lifecycle management, there’s no bigger villain than manual effort. Destructive, irrepressible, and risk-laden, this villain causes nothing but mayhem and loss. Automation, the hero, is the complete opposite of manual effort. Proactive, solution-oriented, and breach-proof, this hero deserves recognition, allegiance, and attention, yet they get none of that from a majority of today’s organi...

   DATA SECURITY,CERTIFICATE     2023-06-20 08:10:02

  FUCK PASSWORDS

I'm so tired of passwords. So, so, so tired. Most people don't understand this. Most people use the same password everywhere. Most people can just mechanically type out password3 in every password box, smirking to themselves at how clever they are, because who would ever guess 3 instead of 1? I don't do that. Let me tell you what i do. I generate a different password for every service, based on a convoluted master password and the name of the thing. I do this because it's what you're...

   Security,Password,Random generation,Hard to remember     2011-12-05 11:32:45

  Generate certificate from cert file in Java

A certificate is often used to prove the identity of a server. The certificate will contain information such as the subject and issuer of the certificate. It will also contain the validation date of the certificate. A certificate is often exported to an external cert file which is transferred over the internet. We will often see its use in SSL communication which provides secure communication between two entities. In this post, we will show how to read the data from an external certificate file ...

   PKCS12,CertificateFactory,Example,Java,X509     2015-06-08 06:47:05

  What and what not to log while debugging

Log is a critical part of an application. It serves as an eye to the programmer on how the application is working while debugging. Especially for applications running on production environment, if the application encounters problem and the problem cannot be reproduced on other environments, log will be extremely useful. While log is essential, but developers have to log smartly. Because if don't put log smartly, you may not get what you want while debugging or you may get too many...

   PROGRAMMING,DEBUG,LOG,SUPPORT     2016-03-14 08:09:03

  Why isn't all internet traffic encrypted?

The biggest problem is that you must be able to verify that you're encrypting to the correct key. Without it, encryption would be practically useless, as anyone could perform a man-in-the-middle attack on the connection and remain undetected.In typical SSL/TLS, as well as other protocols using X.509, this verification is performed by "certification authorities", which are explicitly marked as "trusted" by web browsers and operating systems. Unfortunately, these CAs usual...

   Internet,Traffic,Encryption,Decryption,Security     2011-10-15 15:03:37

  Building a Modern Web Stack for the Real-time Web

The web is evolving. After a few years of iteration the WebSockets spec is finally here (RFC 6455), and as of late 2011 both Chrome and Firefox are SPDY capable. These additions are much more than just "enhancing AJAX", as we now have true real-time communication in the browser: stream multiplexing, flow control, framing, and significant latency and performance improvements. Now, we just need to drag our "back office" - our web frontends, app servers, and everything in between into this cen...

   Web design,Real-time web,web stack     2012-02-15 05:54:41

  What to Look for in PHP 5.4.0

PHP 5.4.0 will arrive soon. The PHP team is working to bring to some very nice presents to PHP developers. In the previous release of 5.3.0 they had added a few language changes. This version is no different. Some of the other changes include the ability to use DTrace for watching PHP apps in BSD variants (there is a loadable kernel module for Linux folks). This release features many speed and security improvements along with some phasing out of older language features (Y2K ...

   PHP,5.4,New feature,Built-in server,Trait     2011-12-21 10:20:12

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  Introduction to OAuth (in Plain English)

Last week we talked about giving away your passwords and how you should never do it.  When a website wants to use the services of another—such as Bitly posting to your Twitter stream—instead of asking you to share your password, they should use OAuth instead. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. This is a quick guide to illustrate, as simply as possibl...

   Security,OAuth,Permission,Partial access     2012-04-05 11:39:54

RECENT