certificates – Page 6 – WindowsTechs.com

Checking Against the CN Of Every Certificate In The Certificate Chain

Posted on February 23, 2024 by Dhiwakar Ravikumar

Is it possible to check against the CN (Common Name) or SAN (Subject Alternative Names) of each and every certificate in the certificate chain for a match ?
I have 2 docker containers hosted on my VM, one of the containers (Logstash) conne… Continue reading Checking Against the CN Of Every Certificate In The Certificate Chain→

Checking Against the CN Of Every Certificate In The Certificate Chain

Posted on February 23, 2024 by Dhiwakar Ravikumar

Automatically check if a certificate matches specific ciphers

Posted on February 22, 2024 by Shahar G

My nginx backend server supports the following ciphers:
ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-… Continue reading Automatically check if a certificate matches specific ciphers→

this was spam here. It was removed

Posted on February 18, 2024 by hoang phan

this was spam here. It was removed.

Continue reading this was spam here. It was removed→

Connecting Logstash To Elasticsearch via SSL (Docker Container)

Posted on February 14, 2024 by Dhiwakar Ravikumar

My environment consists of 2 docker containers, one running Logstash and another running Elasticsearch on the SAME host & SAME docker network.
I am trying to setup SSL between the 2 of them (this is because Elasticsearch needs SSL and … Continue reading Connecting Logstash To Elasticsearch via SSL (Docker Container)→

Is it common practice that vendors put own root certificates on customer devices?

Posted on February 9, 2024 by Torsten Bronger

At work, we are deploying a new VoIP solution, and as part of that, we are supposed to install a custom root certificate on our computers and mobile devices. The manufacturer of that VoIP solution has the private key to that. The certif… Continue reading Is it common practice that vendors put own root certificates on customer devices?→

3 ways to achieve crypto agility in a post-quantum world

Posted on February 6, 2024 by Help Net Security

Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability to (at the moment of compromise) switch rapidly and seamlessly between certi… Continue reading 3 ways to achieve crypto agility in a post-quantum world→

AnyDesk has been hacked, users urged to change passwords

Posted on February 5, 2024 by Zeljka Zorz

AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Frida… Continue reading AnyDesk has been hacked, users urged to change passwords→

Will this certificate Pinning plan work as expected?

Posted on February 2, 2024 by Leonardo

I have a mobile app deployed to millions of user in both Android and iOS.
My Security dpto rotates our certs once a year.
Our certs are issued by GlobalSign.
I would like to pin the certificate without having to worry about the rotation of… Continue reading Will this certificate Pinning plan work as expected?→

"Your connection is not private" error on a locally published application [closed]

Posted on February 1, 2024 by Sheikh Asad Jawed

I am facing an issue where some (not all) Windows 10 machines receive a CERT_AUTHORITY_INVALID error when they are trying to open an internal application:

When I observed on the firewall it was directing clients towards a blocked IP. I re… Continue reading "Your connection is not private" error on a locally published application [closed]→