The software-defined load balancer by AVI Network allows, through the configuration of an Application Profile for a Virtual Service, to require an SSL client certificate: Using a specific PKI Profile it is possible to define which certificates will be accepted… for example you can configure your company’s Certificate Authority. This configuration however doesn’t allow more…
Not everyone knows that IIS (Internet Information Services), the webserver included in Windows Server, offers the possibility to perform mutual authentication using SSL certificates. You probably saw that, within the site’s SSL configuration, you can require an SSL client certificate to the client that is connecting: in this case, IIS only verifies that the submitted certificate…
Security is a very important aspect for MQTT brokers. In a previous article you’ve already learned how to implement authentication and authorization. The weakness in that configuration was that credentials were transmitted in cleartext; it was therefore possible, for an attacker who can sniff the network traffic, to read and use them to impersonate a legitimate client. Today I’ll show…
Today I faced a strange problem. I needed to import an SSL certificate in a java keystore, using the “classic” keytool command. I was sure that the format of the certificate was correct, but I always received the following error: java.util.IllegalFormatConversionException: d != java.lang.String The reason of the error is that – in the latest versions…
After having published my post about how to implement a webserver on the esp32 chip, some readers correctly warned me that everyone, once connected to the wifi network, could control the relay and asked me how to limit access to the webpage. A classic solution (that I also used in this previous tutorial) is to ask the user…
Users of the Google Chrome web browser were able to display the SSL certificate of a website published via https protocol with a click on the address bar. In the latest versions, this functionality has been removed: You now need some additional steps: first open the developer tools (CTRL-Shift-I): then select the Security tab and click on View certificate:…