certificates – Page 2 – WindowsTechs.com

What is the impact of disabled TLS hostname verification?

Posted on March 18, 2024 by Anonymous

If I have a java client that connects to a server, but in the java client code where the connection is built, it skips hostname verification disabled.
When a client tries to connect to serverA.com, what is the impact if hostname verificati… Continue reading What is the impact of disabled TLS hostname verification?→

How to get a certificate out of Chrome now the padlock has gone? [migrated]

Posted on February 28, 2024 by WendyG

I am used to clicking on the padlock in Chrome downloading the certificate and installing that in my jre.
Now the padlock has gone, I can not find how to download the certificate anymore.

Continue reading How to get a certificate out of Chrome now the padlock has gone? [migrated]→

Checking Against the CN Of Every Certificate In The Certificate Chain

Posted on February 23, 2024 by Dhiwakar Ravikumar

Is it possible to check against the CN (Common Name) or SAN (Subject Alternative Names) of each and every certificate in the certificate chain for a match ?
I have 2 docker containers hosted on my VM, one of the containers (Logstash) conne… Continue reading Checking Against the CN Of Every Certificate In The Certificate Chain→

Checking Against the CN Of Every Certificate In The Certificate Chain

Posted on February 23, 2024 by Dhiwakar Ravikumar

Automatically check if a certificate matches specific ciphers

Posted on February 22, 2024 by Shahar G

My nginx backend server supports the following ciphers:
ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-… Continue reading Automatically check if a certificate matches specific ciphers→

this was spam here. It was removed

Posted on February 18, 2024 by hoang phan

this was spam here. It was removed.

Continue reading this was spam here. It was removed→

Connecting Logstash To Elasticsearch via SSL (Docker Container)

Posted on February 14, 2024 by Dhiwakar Ravikumar

My environment consists of 2 docker containers, one running Logstash and another running Elasticsearch on the SAME host & SAME docker network.
I am trying to setup SSL between the 2 of them (this is because Elasticsearch needs SSL and … Continue reading Connecting Logstash To Elasticsearch via SSL (Docker Container)→

Is it common practice that vendors put own root certificates on customer devices?

Posted on February 9, 2024 by Torsten Bronger

At work, we are deploying a new VoIP solution, and as part of that, we are supposed to install a custom root certificate on our computers and mobile devices. The manufacturer of that VoIP solution has the private key to that. The certif… Continue reading Is it common practice that vendors put own root certificates on customer devices?→

3 ways to achieve crypto agility in a post-quantum world

Posted on February 6, 2024 by Help Net Security

Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability to (at the moment of compromise) switch rapidly and seamlessly between certi… Continue reading 3 ways to achieve crypto agility in a post-quantum world→

AnyDesk has been hacked, users urged to change passwords

Posted on February 5, 2024 by Zeljka Zorz

AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Frida… Continue reading AnyDesk has been hacked, users urged to change passwords→