Problem Apache is configured as a reverse proxy. The proxied backend is accessed via HTTPS. Accessing the proxied URL is resulting in an error message: proxy error. Apache log: AH00898: Error during SSL Handshake with remote server returned by /url Browser: Root cause The apache configuration is erroneous. Apache cannot Read more…
In many cases a proxy is placed between the end user and the SAP backend, like a Web Dispatcher. User –> Proxy (intermediate) –> SAP The proxy / intermediate receives the user certificate, extracts and adds it to HTTP header SSL_CLIENT_CERT. When a connection to the SAP backend is opened, Read more…
To be able to sign your app and let an external build tool like Microsoft AppCenter upload it to iTunes Connect, you need to provide two files: Certificate: iOS Distribution Provisioning Profile: App Store Microsoft provides technical documentation on how to get the code signing certificates and how to upload Read more…
After configuring the overall OpenVPN client and server infrastructure, my clients can connect to a VPN. The client can access server resources and vice versa. While the server gets normally always the same IP assigned, the client IP address is assigned dynamically from a pool of IP addresses. Meaning: there Read more…
Recently I got some new hardware that I will use to run some useful software. To use the software from anywhere, I’ll need to have remote access. As I cannot do DMZ or port forwarding with my new internet provider, I decided to connect my home server using VPN to Read more…
The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…
The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…
The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…
Certificate pinning aims to close a trust problem that comes with PKI architecture: you trust the certificate authority (CA) and assume that the server is valid, because you trust the CA. Certificate pinning aims to ensure that you also can also trust the server. How is pinning going to achieve Read more…
Online Certificate Status Protocol, or short: OCSP, let you obtain the revocation status of a certificate. It has some benefits over certification revocation lists, mainly that you can let the OCSP server do the heavy work of validating a certificate and the client gets some additional security when accepting the Read more…