Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- X509

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  Generate signed certificate from CSR in Java

In our previous tutorial, we have explained how to generate CSR which can be sent to CA for generating a signed certificate. In this tutorial, we will explain how to generate the signed certificate from CSR in Java. We will not use an actual CA but a self-signed certificate to act as a CA certificate. Since the CSR contains the subject information where a certificate needs to be generated and signed for. The key here is to extract the subject information from the CSR and then set it as the subje...

   JAVA,CSR,SIGN CERTIFICATE     2020-10-24 07:03:17

  Generate certificate in Java -- Store certificate in KeyStore

In previous post, we have explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere so that it can be used later when we are doing the actual SSL communication, either in a key store or trust store. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java, in this post, we will choose the JKS to demonstrate how to store the certificate chain. Whe...

   Java,Certificate chain,Keystore     2014-08-20 03:56:39

  Generate certificate with cRLDistributionPoints extension using OpenSSL

In an X509 certificate, the cRLDistributionPoints extension provides a mechanism for the certificate validator to retrieve a CRL(Certificate Revocation List) which can be used to verify whether the given certificate is revoked.   A cRLDistributionPoints extension can contain one or more DistributionPoints where the CRL can be retrieved from. Each DistributionPoint consists of three fields,each of which is optional: distributionPoint : it contains either a SEQUENCE of general...

   X509,OPENSSL,CERTIFICATE,CRLDISTRIBUTIONPOINT,EXTENSION     2015-10-22 03:41:11

  Generate certificate from cert file in Java

A certificate is often used to prove the identity of a server. The certificate will contain information such as the subject and issuer of the certificate. It will also contain the validation date of the certificate. A certificate is often exported to an external cert file which is transferred over the internet. We will often see its use in SSL communication which provides secure communication between two entities. In this post, we will show how to read the data from an external certificate file ...

   PKCS12,CertificateFactory,Example,Java,X509     2015-06-08 06:47:05

  Generate certificate in Java -- Self signed certificate

This is the first post in this series which I will show you how to generate SSL certificate in Java programmatically. Certificates are frequently used in SSL communication which requires the authentication of server to client. This is to make the client to trust that the server is actually the one it claims. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present their certificates signed by trusted CAs. The basic flow of a requ...

   Java,Certificate,X509     2014-07-30 07:42:18

  OpenLDAP Proxy -- Installation and configuration

After understanding what the configuration would be for an OpenLDAP proxy, it's time to explain the installation of OpenLDAP proxy and how to make it run. In this post, we will cover how to install OpenLDAP proxy both locally and using docker. Local installation The installation is quite easy, there are a few packages to be installed including the ldap server, ldap client and some utilities. Below steps are for CentOS, the instructions for other platforms should be similar with minor differ...

   INSTALLATION,CENTOS,DOCKER,OPENLDAP,OPENLDAP PROXY     2017-11-03 20:26:41

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικÏŒς authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  proftpd FTP Server setup on Ubuntu

A- The GUI way (for beginners only)For those who are new to linux and don't want to use a FTP server without GUI, or just for those who don't use often their FTP server and wish to set it quickly without a high level of security, there is a GTK GUI for proftpd.Be careful, it's less secure than configuring yourself your server.1- Install proftpd and gproftpd with synaptic or with this command :Code:sudo apt-get install proftpd gproftpd2-Play with the GUI and set up quickly your server.Beware...

   FTP Server,proftpd,Ubuntu,Setup     2011-04-27 11:23:10

RECENT