Search the Site

 

Top
Blog

My Social
Services
Meta
Powered by Squarespace

Entries in certificate (4)

Friday
Mar112011

Configure SSL Certificate for Juniper J-Web Interface

DateFriday, March 11, 2011 at 10:03

By default, the J-Web interface (GUI for the Juniper SRX firewalls) has SSL enabled. Like most devices with SSL out-of-the-box, the protection is based on a self-signed certificate. Self-signed certificates are easy (they come basically out-of-the-box), but they tend to nag you every time you connect to the GUI. So, it's time to install a proper certificate.

In this case, I use the XCA (1) software to create a new certificate. This certificate is signed by my own root CA, which I installed on all of my devices and Operating Systems. Basically, I trust myself.....

According to the Juniper support pages on SSL certificate usage, I found out that the certificates are to be in the PEM format. No problem for XCA.

Click to read more ...

AuthorWillem | Comment2 Comments |
tagged , , , , , in , ,
Wednesday
Dec162009

Adobe Flash Player Problems

DateWednesday, December 16, 2009 at 14:03

Updated on Wednesday, December 16, 2009 at 22:26 by Registered CommenterWillem

Since I encountered some problems with flash on certain websites, I decided to check if my Flash player has been updated since 1972. Normally you can check the Flash settings (incl auto-update functions) through a page on the Adobe/Macromedia website. Which is weird, since you would think that this is a local setting (incl. privacy settings and audio functionalities).... But no. Macromedia/Adobe decided that you have to do that through their website.
The reason being that they can check whatever you are doing with your player.......

Click to read more ...

AuthorWillem | CommentPost a Comment |
tagged , , , , , in , ,
Tuesday
Jul212009

Juniper NSMXpress 'Fun'

DateTuesday, July 21, 2009 at 21:01

Today was one of those days. First the two NSMXpress appliances failed yesterday (version 2008.2r2). No way of connecting the client gui. The webinterface and SSH connections worked fine though. Picked one up for examination, and since I had some *cough*good*cough* experiences a while back I assumed the latest software had some undocumented bug.

A back to factory defaults (version 2007.3r1) worked fine, but due to certain hardware the 2008 version was needed. So I upgraded the appliance (again) and found (while waiting) that the security certificate, used between the NSM server and the client gui, had expired on Juli 20th, 2009....... So someone forgot to update the certificates in the 2008.2r2 software.
After fixing that, the client gui worked like a charm.

Click to read more ...

AuthorWillem | CommentPost a Comment |
tagged , , , , in , , ,
Sunday
Jun032007

Installation Root CA on Nokia E61 Made Easier

DateSunday, June 3, 2007 at 17:13

Updated on Wednesday, February 10, 2010 at 8:53 by Registered CommenterWillem

From this day on, you can install certificates from non-trusted CA's on your Symbian-based phone (like the Nokia E61) using this page euh.. this page.

UPDATE: it seems that most other phone brands and types work as well (the S40 based devices are left out... sorry).

All you need to do is make sure that the certificate is in the DER format. The webpage doesn't verify if the certificate is in the correct format. This is up to the uploader.

I created this page, because I work a lot with digital certificates, so I don't want to be bothered with the workaround described in the earlier post. The current version is quick-and-dirty (no error messages). I'll try to make it more user friendly in the next couple of days (like having the option of sending the URL to an e-mail address). Just make sure that you obey the guidelines shown on the page, and all should go well.

Feel free to add a comment on how to improve this.

Click to read more ...

AuthorWillem | Comment105 Comments | Reference1 Reference |
tagged , , , , , in ,