Category Archives: Security

#OpenSSH private keys with old PEM format

Starting from openssh 7.8 the default format for private keys has changed from PEM to OpenSSH: That means that private keys generated with the referenced command: (ssh-keygen -t rsa -b 4096) are no longer generated as PEM format. Lot’s of online services do not accept this format yet CircleCI, GitHub are some of the services… Read More »

Advertisements

#EasyRSA Certificate based authentication of #SoapUI client to a secure WebService running on #JBoss or #WildFly application server

The following is a very quick guide on how to set up a EasyRSA certificate based authentication of SoapUI API client to connect to a WebService based API that runs on JBoss or WildFly. Generate a local CA with EasyRSA Download and install easy-rsa – https://github.com/OpenVPN/easy-rsa Go to the installation folder and change the following… Read More »

Secure an #nginx or #apache website using #ssllabs.com

From time to time is good to perform a security audit to your Internet exposed services. Things change fast online so you have to keep up with the security reports to be able to maintain secure services online. My favorite tool for SSL related security audit is the great resource at www.ssllabs.com. The audit performed… Read More »

Kaspersky Lab banned all across Europe #infosec

I am a long time evangelist of not using software that is linked to abusive governments. This applies sadly to a lot of software products and software environments linked to Russia and China. Regarding this, Kaspersky was one of my main “do not use” advice I was giving to people I know and to job… Read More »

Security: Generate certificates with keytool

The following is an example on how to generate a certificate directly on a Linux server using keytool, then sign it by a windows CA. The example assumes we are regenerating a certificate for a glasfish domain. STEP 1: Delete the old certificate In glasfish in each domain where security is activated we have a… Read More »

Security: Maintaining a secure WordPress blog

I already have several posts related to security of an exposed Internet site. They were all summarized in the post Blog Links: Web site security As we know, the Internet threats are constant and evolving so to maintain the same level of security we constantly have to update the configurations of a secure installation. In… Read More »