Collaborate Disseminate
Is there a possibility to decrypt TLS data encapsulated within TDS Microsoft TSQL protocol?
The TLS handshake seems to occur within TDS data, right after the TDS pre-login
The handshake itself is missing the client Hello (starts directly … Continue reading Decrypt TLS (DHE cypher) inside of TDS (Microsoft SQL Tabular Data Stream protocol)
My environment consists of 2 docker containers, one running Logstash and another running Elasticsearch on the SAME host & SAME docker network.
I am trying to setup SSL between the 2 of them (this is because Elasticsearch needs SSL and … Continue reading Connecting Logstash To Elasticsearch via SSL (Docker Container)
I am not confident in my understanding of Certificate Authority and signing certificates. I’m wondering how do you verify the authenticity of an issuer when inspecting an entity certificate.
Here’s the scenario that I am using to improve … Continue reading Openssl command to verify authenticity of CA Issuer? And the "magic" behind it? [duplicate]
I just stumbled upon this fedramp document: https://www.fedramp.gov/assets/resources/templates/FedRAMP-Moderate-Readiness-Assessment-Report-(RAR)-Template.docx
It contains the following note in 4.2.2 Transport Layer Security:
Note: DHS BO… Continue reading Why does Fedramp disallow TLS 1.2 via HSTS?
I have a mobile app deployed to millions of user in both Android and iOS.
My Security dpto rotates our certs once a year.
Our certs are issued by GlobalSign.
I would like to pin the certificate without having to worry about the rotation of… Continue reading Will this certificate Pinning plan work as expected?
I am facing an issue where some (not all) Windows 10 machines receive a CERT_AUTHORITY_INVALID error when they are trying to open an internal application:
When I observed on the firewall it was directing clients towards a blocked IP. I re… Continue reading "Your connection is not private" error on a locally published application [closed]
I’m looking for a standard solution to the following problem. I’ve been unable to find how something like this is normally accomplished. Even a key word that points me in the right direction would be helpful at this point.
Imagine two devi… Continue reading Authenticating a device for remote motor control
I am attempting to perform real time decryption of TLS 1.3 packets (TLS_AES_256_GCM_SHA384). I have retrieved the mastersecrets for the specific flow by using uprobes on OpenSSL, and matched the mastersecrets to the flow using ClientRandom… Continue reading Real Time Decryption of TLS 1.3 packets Asked today Modified today [closed]
I am reading about how certificates work in the context of X.509, SSL/TLS/HTTPS. According to Wikipedia, the client (e.g. a browser) is supposed to check the revocation status for each non-root certificate as a part of certification path v… Continue reading How is issuing a certificate revocation response different from re-issuing the certificate itself?
It is not clear to me how the Common Name affects a certificate authority and the certificates that are ultimately created. For example, I have this simple script that creates some files for a certificate authority auto-generated/ca.* and… Continue reading Criteria for Common Name of Certificate Authority and how it affects SSL certificates