It's full of stars!

  • All Content
  • About

certificate

Technology

Apache reverse proxy AH00898 – Error during SSL Handshake with remote server

Problem Apache is configured as a reverse proxy. The proxied backend is accessed via HTTPS. Accessing the proxied URL is resulting in an error message: proxy error. Apache log: AH00898: Error during SSL Handshake with remote server returned by /url Browser: Root cause The apache configuration is erroneous. Apache cannot Read more…

By Tobias Hofmann, 4 yearsJune 24, 2021 ago
Basis SAP

X.509 troubleshooting – Send X.509 Certificate in HTTP Header

In many cases a proxy is placed between the end user and the SAP backend, like a Web Dispatcher. User –> Proxy (intermediate) –> SAP The proxy / intermediate receives the user certificate, extracts and adds it to HTTP header SSL_CLIENT_CERT. When a connection to the SAP backend is opened, Read more…

By Tobias Hofmann, 5 yearsJuly 20, 2020 ago
Technology

How to download your iOS distribution certificate

To be able to sign your app and let an external build tool like Microsoft AppCenter upload it to iTunes Connect, you need to provide two files: Certificate: iOS Distribution Provisioning Profile: App Store Microsoft provides technical documentation on how to get the code signing certificates and how to upload Read more…

By Tobias Hofmann, 6 yearsMay 31, 2019 ago
Technology

OpenVPN Assign static IP to client

After configuring the overall OpenVPN client and server infrastructure, my clients can connect to a VPN. The client can access server resources and vice versa. While the server gets normally always the same IP assigned, the client IP address is assigned dynamically from a pool of IP addresses. Meaning: there Read more…

By Tobias Hofmann, 7 yearsSeptember 21, 2018 ago
Cloud Raspberry Pi Technology

Setup OpenVPN server on Amazon EC2

Recently I got some new hardware that I will use to run some useful software. To use the software from anywhere, I’ll need to have remote access. As I cannot do DMZ or port forwarding with my new internet provider, I decided to connect my home server using VPN to Read more…

By Tobias Hofmann, 7 yearsApril 9, 2018 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Sign CSR issued with SHA-256

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 23, 2017 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Sign CSR issued with SHA-1

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 21, 2017 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Create CA

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 17, 2017 ago
Technology

Certificate pinning

Certificate pinning aims to close a trust problem that comes with PKI architecture: you trust the certificate authority (CA) and assume that the server is valid, because you trust the CA. Certificate pinning aims to ensure that you also can also trust the server. How is pinning going to achieve Read more…

By Tobias Hofmann, 9 yearsNovember 15, 2016 ago
SMP Technology

Online Certificate Status Protocol

Online Certificate Status Protocol, or short: OCSP, let you obtain the revocation status of a certificate. It has some benefits over certification revocation lists, mainly that you can let the OCSP server do the heavy work of validating a certificate and the client gets some additional security when accepting the Read more…

By Tobias Hofmann, 9 yearsAugust 30, 2016 ago

Posts navigation

1 2 … 4 Next
  • Datenschutzerklärung
  • Impressum
  • Cookie-Erklärung
Hestia | Developed by ThemeIsle