Posts

Showing posts from May, 2018

How to generate CSR from mmc

Image
This post will go over all the steps require to create or generate a CSR.  CSR is Certificate Signing Request . CSR is actually a text file (encoded text file) which is used in the process of creating a Certificate, e.g, SSL Certificate ( SSL is now phased out and the current standard used is TLS . However we continue to use the term SSL as it is more commonly used term ) or a Digital Certificate. This encoded text file contains the information about the server, device or domain for which you need a Digital Certificate. One generates a CSR locally and sends the request as a file to a Certificate Authority (CA). The Certificate Authority upon receiving the Certificate Signing Request (CSR) confirms the identity of the applicant and upon confirmation signs the CSR, and generates a Certificate ( SSL Certificate or a Digital Certificate) for the identity of the entity, Non Person Entity or a Person Entity. This Certificate can now be trusted by a third party since it was signed by a t...

OpenID Connect and Offline access

OpendID Connect provides ability for an application to make use of cached tokens for authenticating when the application is offline. Here is the OpenID Connect specifications for offline access . Link to discussion in Oracle forum    Here is an interesting discussion on offline and OAuth in stackoverflow

Tokenization

Image
Tokenization - for passing tokens across multiple parties on internet or a network. Common examples are passing tokens in credit card or user Personal Account Information. The idea of tokenization is to send a token to a remote party instead of actual credentials. Once credentials have been accepted by a verifying party, from there on tokens are sent between remote parties. Token is a random but unique identifier for a particular session between various parties. A new token is used for another session so that it cannot be replayed back. The key advantage here is that the transactions to the remote party uses this token instead of revealing the actual Account No of a user (Privacy). This not only protects the user's identity but also minimizes the risk of transmitting a user credential over unsecure channel or eavesdropping (Security).  Example Use Case : Pay via Tokenization without giving your personal card/credit card number to the merchant. Token transferred from Devi...