It's full of stars!

  • All Content
  • About

openssl

Basis SAP Security Technology

SSO Logon with X.509 certificate

SSO logon with an X.509 certificate offers some benefits. In this blog, I’ll cover the main benefits, problems and attention areas when using X.509 for SSO. As a practical example the X.509 logon with NetWeaver ABAP is shown. To access an ICM service on a NetWeaver ABAP system (NW ABAP), Read more…

By Tobias Hofmann, 5 yearsJuly 24, 2020 ago
Basis SAP

X509 based logon – 3 – Create a user certificate

The user needs to have a valid X.509 certificate to be able log on at the SAP System (via ICM service). This certificate is issued by the intermediate CA. Create a CSR for a user and let the intermediate CA sign it. Following my own blogs, I get a certificate Read more…

By Tobias Hofmann, 5 yearsJuly 10, 2020 ago
Technology

PKI with OpenSSL: Howto using Jupyter Notebook

From time to time I have to create a PKI with a root and intermediate CA. As I do not want to have to search for the correct commands, I created a setup for OpenSSL and a Jupyter notebook that guides me through the steps. This allows me to go Read more…

By Tobias Hofmann, 5 yearsFebruary 26, 2020 ago
Technology

Setup OpenVPN troubleshooting

While setting up OpenVPN I came accross some common errors or workarounds that make life easier. To make it easier to remember these I have documented them in this blog. Maybe they are useful for others as well. Remove pass phrase In case you want to remove the pass phrase Read more…

By Tobias Hofmann, 7 yearsApril 18, 2018 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Sign CSR issued with SHA-256

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 23, 2017 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Sign CSR issued with SHA-1

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 21, 2017 ago
Technology

OpenSSL CA to sign CSR with SHA256 – Create CA

The overall process is: Create CA Private CA key Create private key Check private key Public CA certificate Create public certificate Check public certificate Sign CSR SHA-1 Create CSR using SHA-1 Check CSR Sign CSR enforcing SHA-256 Check signed certificate SHA-256 Create CSR using SHA-256 Check CSR Sign CSR Check Read more…

By Tobias Hofmann, 8 yearsFebruary 17, 2017 ago
SMP Technology

OCSP part 6 – Test OCSP service

To test if OCSP is working, you need to have a certificate with OCSP information included. This is only available for certificates emitted AFTER the service was installed, configured and activated on the CA. Therefore, you`ll need to first create a new certificate for your tests. Depending on your CA Read more…

By Tobias Hofmann, 9 yearsJuly 21, 2016 ago
Technology

Verify certificate chain with OpenSSL

A good TLS setup includes providing a complete certificate chain to your clients. This means that your web server is sending out all certificates needed to validate its certificate, except the root certificate. This is best practice and helps you achieving a good rating from SSL Labs. In a normal Read more…

By Tobias Hofmann, 9 yearsFebruary 18, 2016 ago
  • Datenschutzerklärung
  • Impressum
  • Cookie-Erklärung
Hestia | Developed by ThemeIsle