For excessively paranoid client authentication.
Original: https://gist.github.com/mtigas/952344
openssl x509 -in server.crt -out server.der -outform DER
openssl x509 -in server.der -inform DER -out server.pem -outform PEM
Benoit Schweblin benweet
deiu
/ webcryptoapi.html
Last active
November 18, 2024 01:55
Web Crypto API example: RSA keygen & export & import & sign & verify & encrypt & decrypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- MIT License --> | |
| <html> | |
| <head> | |
| <script> | |
| function generateKey(alg, scope) { | |
| return new Promise(function(resolve) { | |
| var genkey = crypto.subtle.generateKey(alg, true, scope) | |
| genkey.then(function (pair) { | |
| resolve(pair) | |
| }) |
thomasdarimont
/ App.java
Last active
December 23, 2024 09:33
How to use custom SpEL functions in @value with Spring Boot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package demo; | |
| import static java.lang.reflect.Modifier.*; | |
| import java.util.Arrays; | |
| import java.util.Set; | |
| import org.springframework.beans.BeansException; | |
| import org.springframework.beans.factory.annotation.Value; | |
| import org.springframework.beans.factory.config.BeanExpressionResolver; |
alexishida
/ nginx-config-auth-cert-ssl.md
Last active
November 26, 2024 15:48
Tutorial to configure Nginx client-side SSL certificates.
superseb
/ restore_rancher2_agents.md
Last active
November 14, 2024 10:09
Restore Rancher 2 cluster/node agents on clusters
This is an unsupported scenario, see rancher/rancher#14731 when there is an official solution.
When cattle-cluster-agent and/or cattle-node-agent are accidentally deleted, or when server-url/cacerts are changed.
- Generate API token in the UI (user -> API & Keys) and save the Bearer token
- Find the clusterid in the Rancher UI (format is
c-xxxxx), its in the address bar when the cluster is selected
- Advanced logging:
java -jar -Djavax.net.debug=ssl:handshake:verbose app.jar
- make sure you specify correct configuration:
java -jar -Djavax.net.debug=ssl:handshake:verbose app.jar --server.port=8443 --server.security.require-ssl=true --server.ssl.key-store=/path/to/keystore --server.ssl.key-store-password=password --server.ssl.protocol=TLS
- See what’s in the store:
keytool -list -keystore /path/to/keystore -storepass password
patrickfav
/ AesGcmTest.java
Last active
February 27, 2024 11:32
Java Authenticated Encryption with AES and GCM.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package at.favre.lib.bytes.otherPackage; | |
| import org.junit.Test; | |
| import javax.crypto.Cipher; | |
| import javax.crypto.SecretKey; | |
| import javax.crypto.spec.GCMParameterSpec; | |
| import javax.crypto.spec.SecretKeySpec; | |
| import java.nio.ByteBuffer; | |
| import java.nio.charset.StandardCharsets; |
OlderNewer