ssl

问题 I used this link to create the self signed root CA certificate and the server key pair Used this link to generate the client key pair using the previously generated root certificate Although the links are for setting up SSL for MosquittoMQ and my use case is for ActiveMQ, I believe the certificate generation procedure remains the same for either case. The clients I'm using are Java clients. The broker keystore contains the root certificate and server public and private key bundled into a

问题 I'm using WebLogic 12.2.1.3.0 and JDK8 to run following part of code in my PoC application deployed. Application uses weblogic.net.http.HttpsURLConnection client class: import java.net.URL; import java.net.URLEncoder; import java.security.Provider; import java.security.cert.X509Certificate; import javax.net.ssl.SSLSession; import weblogic.net.http.HttpURLConnection; import weblogic.net.http.HttpsURLConnection; import weblogic.security.SSL.HostnameVerifier; import weblogic.security.SSL

问题 I'm using WebLogic 12.2.1.3.0 and JDK8 to run following part of code in my PoC application deployed. Application uses weblogic.net.http.HttpsURLConnection client class: import java.net.URL; import java.net.URLEncoder; import java.security.Provider; import java.security.cert.X509Certificate; import javax.net.ssl.SSLSession; import weblogic.net.http.HttpURLConnection; import weblogic.net.http.HttpsURLConnection; import weblogic.security.SSL.HostnameVerifier; import weblogic.security.SSL

问题 I am unable to connect to an HTTPS server (TLS 1.3) using WebRequest because of this error message: The request was aborted: Could not create SSL/TLS secure channel. The previous TLS version was 1.2 and with below code I could GET the page properly but as the page ssl upgraded to TLS 1.3 I got the error and also I cannot find any solution about it: ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; In fact, I think it should be

问题 I am unable to connect to an HTTPS server (TLS 1.3) using WebRequest because of this error message: The request was aborted: Could not create SSL/TLS secure channel. The previous TLS version was 1.2 and with below code I could GET the page properly but as the page ssl upgraded to TLS 1.3 I got the error and also I cannot find any solution about it: ServicePointManager.Expect100Continue = true; ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; In fact, I think it should be

问题 I am very new to Cryptography using Java. I have to build a program that exchanges certificate before any data communication takes place. I am using sslSockets to build basic client-server program and I am not using HTTP/S, this is just to get extra security. (Would like to know difference between Socket and SSLSocket.. does it mean everything is automatically encrypted?) Here's my UPDATED Server Code: public class SSLServerExample { final static String pathToStores = "C:/Users/XXX/Desktop

问题 trying to run gitblit, on tomcat 9, using JDK 11 occassionaly results in this stack trace: gitblit | 07-May-2020 04:30:39.247 SEVERE [https-jsse-nio-8443-exec-10] org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun Error running socket processor gitblit | java.lang.NullPointerException gitblit | at java.base/sun.security.ssl.HKDF.extract(HKDF.java:93) gitblit | at java.base/sun.security.ssl.HKDF.extract(HKDF.java:119) gitblit | at java.base/sun.security.ssl.ServerHello.setUpPskKD

问题 I have the following script. It connects to a TLS server and extracts some X509 data such as validity dates and public-key. I have the following script: import socket, ssl import OpenSSL hostname='www.google.com' port=443 context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_sock = context.wrap_socket(s, server_hostname=hostname) ssl_sock.connect((hostname, port)) ssl_sock.close() print("ssl connection Done") cert = ssl.get_server_certificate

问题 what is the difference between openssl ca and openssl x509 commands? I'm using it to create and sign my root-ca, intermed-ca and clients certificates, but the openssl ca command does not register the cellphone and emailAddress on the certificates while openssl x509 does. openssl x509: openssl x509 -req \ -in client.req.pem \ -out client.cert.pem -signkey client.privkey.pem \ -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -days 365 openssl ca: openssl ca \ -in client.req.pem \ -out client

问题 Who do I get https.request() to trust my internally-signed server certificate. Here is a quick example of the code I'm running in v0.10.25: var options = { hostname: 'encrypted.mydomain.local', port: 443, path: '/', method: 'GET' }; var https = require('https') https.request(options) I'm running this on a Windows system which has my internal root CA trusted at the system level, but whenever I make a request like this I get the exception events.js:72 throw er; // Unhandled 'error' event ^