Archive for May, 2009

View x509 certificate details

May 6, 2009 at 17:35 · Tags: , , , , , , , ,

OpenSSL is quite a complex application, however it is quite easy to get it to show you details or a given x509 SSL certificate using this command:


$ openssl x509 -in filename.crt -noout -text

Where filename corresponds to the X.509 certificate file, which typically would end in .crt, .cert or .pem.

VN:F [1.8.5_1061]
Rating: 0.0/10 (0 votes cast)
VN:F [1.8.5_1061]
Rating: 0 (from 0 votes)

Related posts:

  1. SSL: Verifying that a Certificate matches a Private Key
  2. View The Contents Of A Certificate Signing Request (CSR)
  3. Howto Create Generate a Certificate Signing Request
  4. Howto: Convert an OpenSSL key to a public/private OpenSSH key-pair
  5. OpenSSL CSR Wizard
  6. Openssl to create an unencrypted key from an encrypted one (Remove password)
  7. SSL Certificates Review: What to Buy
  8. an ex-microsoft employee’s view on Linux and the open source community
  9. Top 10 Free Windows 7 Applications
  10. The VMware house of cards

Comments

SSL: Verifying that a Certificate matches a Private Key

May 6, 2009 at 17:28 · Tags: , , , , , , , , , , ,

The private key contains a series of numbers. Two of those numbers form the “public key”, the others are part of your “private key”. The “public key” bits are also embedded in your Certificate (we get them from your CSR). To check that the public key in your cert matches the public portion of your private key, you need to view the cert and the key and compare the numbers.

Normally it requires some manual number matching to match a given private key with a given certificate, however with this command you are able to do a comparison automatic:


$ (openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
openssl rsa -noout -modulus -in server.key | openssl md5) | uniq

(If more than one hash is displayed, they don’t match)

VN:F [1.8.5_1061]
Rating: 0.0/10 (0 votes cast)
VN:F [1.8.5_1061]
Rating: 0 (from 0 votes)

Related posts:

  1. View x509 certificate details
  2. Howto Create Generate a Certificate Signing Request
  3. Howto: Convert an OpenSSL key to a public/private OpenSSH key-pair
  4. View The Contents Of A Certificate Signing Request (CSR)
  5. Openssl to create an unencrypted key from an encrypted one (Remove password)
  6. SSL Certificates Review: What to Buy
  7. OpenSSL CSR Wizard
  8. SSH Key for Login Without Password
  9. Howto Secure Apache
  10. sec_error_reused_issuer_and_serial – Firefox

Comments

Howto: Workaround censorship in relation to thepiratebay.org

May 1, 2009 at 18:56 · Tags: , , , ,

To get around the censorship you can to change the name server settings on your computer or router. Here are some different ways to do it.

Option 1: Use OpenDNS
OpenDNS is a project that helps you to avoid the censorship in an easy way. On their website you can find information about how to configure your computer, regardless of which operating system you use. They also have guides for a large amount of routers.

Option 2: Guide for Mac OS X
(the official OS X Leopard guide from OpenDNS)

1. Go to System Preferences
2. Click on Network
3. Select Built In Ethernet and click Advanced
4. Select the DNS tab and add 208.67.222.222 and 208.67.220.220 to the list of DNS servers. Click OK

Option 4: Guide for Windows XP”
1. Select Control Panel from the Start menu.
2. Click Network Connections from the Control Panel choices.
3. Choose your connection from the Network Connections window.
4. Click Properties button.
5. Select Internet Protocol (TCP/IP) and click Properties.
6. Click the radio button Use the following DNS server addresses and type in OpenDNS addresses in the Preferred DNS server and Alternate DNS server fields.

Option 4: Guide for Windows Vista”
1. Click the Start Orb, then select Control Panel.
2. Click on View network status and tasks.
3. Click on View status.
4. Click the Properties button.
5. Vista may ask for your permission to make changes. If so, click the Continue button.
6. Select Internet Protocol Version 4 (TCP/IPv4), then click the Properties button.
7. Click the radio button Use the following DNS server addresses: and type in OpenDNS addresses in the Preferred DNS server and Alternate DNS server fields.
8. Click the OK button, then the Close button, and the Close button again. Close the Network and Sharing Center window.

VN:F [1.8.5_1061]
Rating: 0.0/10 (0 votes cast)
VN:F [1.8.5_1061]
Rating: 0 (from 0 votes)

Related posts:

  1. Howto Access via ssh a Virtualbox Guest machine
  2. Jailbreak iPhone 3GS Using redsn0w (Windows)
  3. Xen Howto: Install Windows
  4. Howto Install Windows XP / Vista on Xen
  5. Upgrading to Ubuntu 9.04
  6. Howto Tunnel Through a Firewall Using Sockscap and SSH
  7. Howto: Office 2007 on Linux with Wine
  8. Howto crack (or hack) a wireless network with Wired Equivalent Privacy (WEP)
  9. TCP Resource Exhaustion Denial of Service (DoS) Attack
  10. HackerGuide: Sniff Live Network Connections Using Ettercap

Comments (2)