Microsoft Build conference is currently running and full of announcements. You can read the in the book of news published by Microsoft to get an overview. One of the most impactful announcements concerns Azure apps. You can now run Azure application services (App Service, Functions, Logic Apps, Event Grid, API Read more…
“When I was younger, so much younger than today I never needed anybody’s help in any way But now these days are gone, I’m not so self assured (but now these days are gone) (And now I find) now I find I’ve changed my mind and opened up the doors” Read more…
Another brick in the wall, pt.2 Pink Floyd (Youtube) One of the more pleasant surprises at SAP TechEd 2020 was the free access to selected learning journeys as a Learning Hub (LH) subscription (*). With this offer, SAP TechEd participants get free access to selected SAP learning material until end Read more…
In this blog I will detail how you use Microsoft’s AppCenter to build an iOS app und publish it directly to iTunes Connect. This allows you to decouple the building, testing and distribution process from the developers. The developer only has to push the app to the repository (I am Read more…
Online Certificate Status Protocol, or short: OCSP, let you obtain the revocation status of a certificate. It has some benefits over certification revocation lists, mainly that you can let the OCSP server do the heavy work of validating a certificate and the client gets some additional security when accepting the Read more…
To test if OCSP is working, you need to have a certificate with OCSP information included. This is only available for certificates emitted AFTER the service was installed, configured and activated on the CA. Therefore, you`ll need to first create a new certificate for your tests. Depending on your CA Read more…
After having OCSP installed, configured and having CA include OCSP information in newly emitted certificates, the basic configuration is done and you are ready to use OCSP in your environment. To make better use of OCSP, some additional configuration steps should be done, like enabling NONCE. Microsoft test client isn`t Read more…
After having the OCSP service installed and configured, the CA must be made aware of the service. Only after this, new emitted certificates by the CA will include the OCSP information. This means that you can run a OCSP service without having it included in the client certificates. In that Read more…
For the CA to be able to use OCSP, read permission to the private key must be given. Add Read permissions to Network Service on the private key Open the Certificate Templates snap-in. Select the OCSP Response Signing template. Right-click it and click on properties. Go to tab security. Click Read more…
To change the default certificate template NDES is using, it is necessary to change some Windows registry values. Looks like there is no GUI tool from Microsoft for this available. The procedure for changing these values is given by Microsoft [1],[2]. To do so, open the registry editor and navigate Read more…