Collaborate Disseminate
I am trying to identify a certificate CA distributed on https://acraiz.icpbrasil.gov.br/repositorio/Cadeia_FIREFOX.der (which is served signed by itself, while all pages leading to it are signed by a 3rd party that is included in all brows… Continue reading How to identify certificate package type?
I read this, but it doesn’t say if the public keys of the root and intermediaries are inside.
I understand I need to upload my digital certificate that I obtained from CA and also my private key. But what happens in the server after I uploaded? Does the server actually read my certificate and sign a message taken from the cert and … Continue reading What happens behind the scene when I install an SSL certificate for a website?
I created a root CA and intermediate CA, and then created a server CA certificate signed by the intermediate CA. The purpose of whole that is for a TLS one way encryption between a java thin client and a server.
Please find the commands be… Continue reading how to create truststore and keystore
I tried to search online for the difference between both CSR certificate and a certificate but I couldn’t find a concrete asnwer.
I am doing my own lab using this tutorial https://www.golinuxcloud.com/openssl-create-certificate-chain-linux… Continue reading what is the difference between the root CA certificate and the intermediate CSR certificate
I was testing the supported cipher suites for an exposed httpd service.
On the server, the cipher suites are defined in the httpd properties file ( httpd.sslCipherSuite=….)
When I run testssl from my Kali machine, I get a list of cipher … Continue reading testssl not detecting all cipher suites
openssl AES-128-CBC can be decrypted with a new IV different than the IV from encryption.
It seems that IV does not change the cipher too much as long as they share the same key.
I have an example using K=k1 and iv= iv1 to encrypt a file A… Continue reading openssl aes-128-cbc can be decrypted using different IV from encryption
The team is trying to decide which SSL implementation should be used in a specific embedded device. The device should be FIPS 140-3 certified. A part of the team wants to buy the license for the Mocana implementation because they worked wi… Continue reading Is there any advantage of using Mocana SSL library vs openSSL?
The subject (sort of) says it all…
Is there a TLS library (other than OpenSSL which does everything 🙂 ) that allows me to:
Add my own extensions to the TLS
Get the certificate data so I can make a certificate fingerprint
What I’m try… Continue reading Is there an SSL library that allows me to add and access extensions and the certificate data?
In the macos system, when using the openssl cms command, the following error occurs, how to solve this problem.
openssl cms -decrypt -inform PEM -in privateKey.p7m -inkey privateKeyP7m.key -out privateKey.der
openssl:Error: ‘cms’ is an inv… Continue reading Enable encrypted message syntax (cms) in macos system