tls1.2

Hyperledger Fabric Java SDK Use GRPCS for peer and orderer connections

て烟熏妆下的殇ゞ 提交于 2021-02-19 07:00:35
问题 I have a Spring Boot project using the fabric-java-sdk pointing to the BYFN network that I've stood up locally. The BYFN network does not have a CA container. I am trying to connect to the peer and orderer with grpcs since tls is enabled on my local BYFN network. Grpc fails. However, it appears that it doesn't like the CN or some other field in the cert presented by the peer during the initial TLS handshake. I think it doesn't like that I am pointing to localhost for the grpcs url, but the CN

503 error consuming thirdy part Soap webservice using TLS 1.2 and client certificate authentication with WCF

百般思念 提交于 2021-02-18 19:40:40
问题 I've got a problem consuming a Soap Web Service(w/att.) and MTOM that requires client certificate authentication (mutual?). Before writing what i've already tried i show you what i did in order to receive a client certificate: I've generated a RSA key with openssl command openssl genrssa -out mykey.key 2048 With this key i've generated a CSR : openssl req -new -key mykey.key -out mycsr.csr I've sent this CSR to the web service owner in order to receive a client certificate , and they gave me

503 error consuming thirdy part Soap webservice using TLS 1.2 and client certificate authentication with WCF

廉价感情. 提交于 2021-02-18 19:38:57
问题 I've got a problem consuming a Soap Web Service(w/att.) and MTOM that requires client certificate authentication (mutual?). Before writing what i've already tried i show you what i did in order to receive a client certificate: I've generated a RSA key with openssl command openssl genrssa -out mykey.key 2048 With this key i've generated a CSR : openssl req -new -key mykey.key -out mycsr.csr I've sent this CSR to the web service owner in order to receive a client certificate , and they gave me

use docker's remote API in a secure manner

南笙酒味 提交于 2021-02-16 21:28:59
问题 I am trying to find an effective way to use the docker remote API in a secure way. I have a docker daemon running in a remote host, and a docker client on a different machine. I need my solution to not be client/server OS dependent, so that it would be relevant to any machine with a docker client/daemon etc. So far, the only way I found to do such a thing is to create certs on a Linux machine with openssl and copy the certs to the client/server manually, as in this example: https://docs

iOS ECONNRESET with incomplete TLS handshake - generating errSSLClosedNoNotify

前提是你 提交于 2021-02-11 17:01:07
问题 When we try to access one API from the iOS application running on iOS 13 using cellular (4G), it shows intermittent error: [] -[NWConcrete_nw_address_endpoint initWithAddress:overridePort:] Fixing endpoint address with non-zero sin_zero field [] tcp_input [C4.1:3] flags=[R.] seq=4011135460, ack=1357945681, win=0 state=ESTABLISHED rcv_nxt=4011135460, snd_una=1357945681 Connection 4: received failure notification Connection 4: received ECONNRESET with incomplete TLS handshake - generating

Mutual Authentication in Scala with Akka

只谈情不闲聊 提交于 2021-02-10 15:14:12
问题 I would create a TLS Session in Scala using Akka with mutual authentication between a client and a server. I have created two CA certificate that have to trust the respective certificates incoming from the other part. Could you give me an exemple of how implement this? Thank you. 回答1: I created a github project which demonstrates mutual authentication with different kind of clients, including Akka. Please have a look here: https://github.com/Hakky54/mutual-tls-ssl It contains a full example

How to do proxy and TLS in golang

一笑奈何 提交于 2021-02-10 14:43:41
问题 I am trying to route my requests through a proxy and also sending cert.pem in TLS config. Below code is throwing this error - proxyconnect tcp: tls: first record does not look like a TLS handshake . When I change the proxy URL from https to HTTP, the same code works. However proxy URL with https works in python. Below is my code so far certs := x509.NewCertPool() pemFile, err := ioutil.ReadFile("cert.pem") if err != nil { return } certs.AppendCertsFromPEM(pemFile) tlsConfig := &tls.Config{

How to do proxy and TLS in golang

拥有回忆 提交于 2021-02-10 14:42:04
问题 I am trying to route my requests through a proxy and also sending cert.pem in TLS config. Below code is throwing this error - proxyconnect tcp: tls: first record does not look like a TLS handshake . When I change the proxy URL from https to HTTP, the same code works. However proxy URL with https works in python. Below is my code so far certs := x509.NewCertPool() pemFile, err := ioutil.ReadFile("cert.pem") if err != nil { return } certs.AppendCertsFromPEM(pemFile) tlsConfig := &tls.Config{

Avoid sending TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher in TLS Client Hello

旧城冷巷雨未停 提交于 2021-02-08 12:34:07
问题 Node.js sends the TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher by default to protect itself against the POODLE attack. I'm trying to avoid sending this cipher (even though this may pose a security risk) by overriding the TLS ciphers with a custom list of ciphers. However, Node.js keeps sending the TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher no matter what I do. I'm trying to deliberately avoid sending this cipher to mimic the TLS negotiation of Firefox/Chrome. Here's the code I use to modify and

How to make a TLS connection using python?

点点圈 提交于 2021-02-07 19:42:07
问题 I would like to create a TLS connection to a server. Then, I want to send some encrypted data to the server. I know the hostname and port and I have the certificate. Surprisingly, I also received the private key of the server. However, I think it is not normal that I received the private key. The first question is that, do I really need the private key to make a TLS connection? By the way, I am using this python script import socket import ssl server_addr = '**.**.**.**' server_port = ****