Posts

Showing posts from July, 2015

keytool , JKS and orapki

Image
This post will cover keytool, JKS and orapki 1) What is keytool The Java Keytool is a command line tool that can work with Java KeyStore files. The Keytool can generate key pairs into a KeyStore file, export certificates from, and import certificates into a KeyStore and several other functions. keytool utility is available when you install Java sdk. Here are a few commonly used keytool commands. See below keytool under java 1.8 version. Default location is where you installed JDK, e.g. C:\Program Files\Java\jdk1.8.0_45\bin> Keytool command --------------------------------------------------------------------------------- 2) What is Java Keystore (JKS) JKS is a container that stores the signature and encryption keys required by the X.509 token on the client. JKS is a proprietary keystore format defined by Sun Microsystems/now Oracle Java. Trusted certificates and public and private keys are stored in the keystore. JKS protects private keys with a password for security....

HTTP get

Image
A Security-focused HTTP Primer https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods LINK Home  »  Study  » A Security-focused HTTP Primer What follows is a primer on the key security-oriented characteristics of the HTTP protocol. It’s a collection of a number of different sub-topics, explained in my own way , for the purpose of having a single reference point when needed. Basics Query Strings, Parameters, and Ampersands URL Encoding Authentication HTTP Requests Request Methods HTTP Responses Status / Response Codes HTTP Headers Proxies Cookies Basics Message-based You make a request, you get a response. Line-based Lines are quite significant in HTTP. Each header is on an individual line (each line ends with a <crlf>), and a blank line separates the header section from the optional body section. Stateless HTTP doesn’t have the concept of state built-in, which is why things like cookie...