The JRE (Java Runtime Environment) uses the file cacerts as trust base for the HTTPS connections to a server. You can substitute this trust base by the Mozilla CA, used e.g. in Firefox.
No Sense
Some of my stupid thoughts
Monday, November 28, 2022
Monday, September 26, 2016
Create/Verify a Timestamp Request with OpenSSL
With the help of OpenSSL and curl you can easily create and verify SHA-1 based timestamps.
In this sample I will use the FreeTSA (https://freetsa.org/index_en.php) timestamp provider.
TSA Certificate: https://freetsa.org/files/tsa.crt
Key modulus (sha256): 899ba3d9f777e2a74bdd34302bc06cb3f7a46ac1f565ee128f79fd5dab99d68b
CA Certificate: https://freetsa.org/files/cacert.pem
Key modulus (sha256): a4b1a0a81aef68be1cc985d0f83bd6539cfe84174587f900e15ffe3f65433056
Download the certificate files:
Create timestamp request data
openssl ts -query -data data.txt -cert -sha1 -no_nonce \
-config openssl_ts.cnf -out data.txt.ts_req
The file openssl_ts.cnf is an empty file.
Send the timestamp request and store the response
curl -s -S -H 'Content-Type: application/timestamp-query' \
--data-binary @data.txt.ts_req http://freetsa.org/tsr \
-o data.txt.ts_res
Verify the data with the timestamp response
openssl ts -verify -config openssl_ts.cnf \
-in data.txt.ts_res -data data.txt \
-CAfile cacert.pem
You should see the following message from OpenSSL
Verification: OK
View the timestap request data on the timestamping providing site
The hash value will be stored at the timestamp provider side. If you want to view the stored data, you need the SHA-1 hash value of your document
openssl dgst -sha1 data.txt | sed -e 's/^.*= //'
aa9e3512f38bafce78040651b54085c69b540d5d
Now you can request the stored data
curl -X POST \
--data "hash=aa9e3512f38bafce78040651b54085c69b540d5d" \
http://freetsa.org/grep.php
Time stamp: Sep 26 10:55:17 2016 GMT - Hash Algorithm: sha1 - aa9e3512f38bafce78040651b54085c69b540d5d
In this sample I will use the FreeTSA (https://freetsa.org/index_en.php) timestamp provider.
TSA Certificate: https://freetsa.org/files/tsa.crt
Key modulus (sha256): 899ba3d9f777e2a74bdd34302bc06cb3f7a46ac1f565ee128f79fd5dab99d68b
CA Certificate: https://freetsa.org/files/cacert.pem
Key modulus (sha256): a4b1a0a81aef68be1cc985d0f83bd6539cfe84174587f900e15ffe3f65433056
Download the certificate files:
- wget http://freetsa.org/files/tsa.crt
- wget http://freetsa.org/files/cacert.pem
Create timestamp request data
openssl ts -query -data data.txt -cert -sha1 -no_nonce \
-config openssl_ts.cnf -out data.txt.ts_req
The file openssl_ts.cnf is an empty file.
Send the timestamp request and store the response
curl -s -S -H 'Content-Type: application/timestamp-query' \
--data-binary @data.txt.ts_req http://freetsa.org/tsr \
-o data.txt.ts_res
Verify the data with the timestamp response
openssl ts -verify -config openssl_ts.cnf \
-in data.txt.ts_res -data data.txt \
-CAfile cacert.pem
You should see the following message from OpenSSL
Verification: OK
View the timestap request data on the timestamping providing site
The hash value will be stored at the timestamp provider side. If you want to view the stored data, you need the SHA-1 hash value of your document
openssl dgst -sha1 data.txt | sed -e 's/^.*= //'
aa9e3512f38bafce78040651b54085c69b540d5d
Now you can request the stored data
curl -X POST \
--data "hash=aa9e3512f38bafce78040651b54085c69b540d5d" \
http://freetsa.org/grep.php
Time stamp: Sep 26 10:55:17 2016 GMT - Hash Algorithm: sha1 - aa9e3512f38bafce78040651b54085c69b540d5d
Tuesday, October 22, 2013
Some Active Java SSH Implementation Projects
- Ganymed SSH-2: Java based SSH-2 Protocol Implementation
http://code.google.com/p/ganymed-ssh-2/ - JSch - Java Secure Channel
http://www.jcraft.com/jsch/ - Trilead SSH-2 for Java
https://github.com/jenkinsci/trilead-ssh2/tree/master
Monday, June 24, 2013
Oracle Database Instant Client Installation
Oracle Database Instant Client Installation
The Oracle Instant Client software is an easy to use alternative to a full blown Oracle Client installation. Especially if you are mainly interested in the Oracle sqlplus tool.
1. Create an oracle account (if not already available)
# groupadd oracle
# useradd -c "Oracle Instant Client" -d /home/oracle \
-g oracle -m -s /bin/bash oracle
# password oracle
2. Login as user oracle and unpack the Oracle Instant Client software:
$ unzip instantclient-basiclite-linux.x64-11.2.0.3.0.zip
$ unzip instantclient-sqlplus-linux.x64-11.2.0.3.0.zip
3. Set the Oracle Instant Client environment
ORACLE_BASE=/home/oracle ; export ORACLE_BASE
ORACLE_HOSTNAME=`uname -n` ; export ORACLE_HOSTNAME
ORACLE_HOME=$ORACLE_BASE/instantclient_11_2 ; export ORACLE_HOME
ORACLE_SID=dbsecdocs ; export ORACLE_SID
TWO_TASK=$ORACLE_SID ; export TWO_TASK
TNS_ADMIN=$ORACLE_HOME ; export TNS_ADMIN
#
PATH=$ORACLE_HOME:$PATH ; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME:$LD_LIBRARY_PATH ; export LD_LIBRARY_PATH
The Oracle Instant Client software is an easy to use alternative to a full blown Oracle Client installation. Especially if you are mainly interested in the Oracle sqlplus tool.
1. Create an oracle account (if not already available)
# groupadd oracle
# useradd -c "Oracle Instant Client" -d /home/oracle \
-g oracle -m -s /bin/bash oracle
# password oracle
2. Login as user oracle and unpack the Oracle Instant Client software:
$ unzip instantclient-basiclite-linux.x64-11.2.0.3.0.zip
$ unzip instantclient-sqlplus-linux.x64-11.2.0.3.0.zip
3. Set the Oracle Instant Client environment
ORACLE_BASE=/home/oracle ; export ORACLE_BASE
ORACLE_HOSTNAME=`uname -n` ; export ORACLE_HOSTNAME
ORACLE_HOME=$ORACLE_BASE/instantclient_11_2 ; export ORACLE_HOME
ORACLE_SID=dbsecdocs ; export ORACLE_SID
TWO_TASK=$ORACLE_SID ; export TWO_TASK
TNS_ADMIN=$ORACLE_HOME ; export TNS_ADMIN
#
PATH=$ORACLE_HOME:$PATH ; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME:$LD_LIBRARY_PATH ; export LD_LIBRARY_PATH
Wednesday, October 17, 2012
Saturday, August 25, 2012
Simple usage example for class java.lang.ProcessBuilder under Windows (XP, Vista, ...)
It's easy to execute shell scripts under Windows with the help of the ProcessBuilder class:
Monday, August 20, 2012
New Feature in Java SE 7 Update 6: Alternative Hash Function
Be prepared for the upcoming Java SE 8! From http://mail.openjdk.java.net/pipermail/jdk7u-dev/2012-July/003721.html we learn the following:
Subscribe to:
Posts (Atom)