SlideShare uma empresa Scribd logo

Do you trust that certificate?

Z
zunda

I hope to communicate to developers of web apps, especially of those handles payment information, that they should be aware of what they trust when developing an app. This should make the app more secure and make the developers aware of when to update gems or certs. A rabbit*1 presentation presented as a Lighting Talk at RubyKaigi 2015*2. - *1 http://rabbit-shocker.org/ - *2 http://rubykaigi.org/2015/presentations/lt URLs - https:/www.hyuki.com/cr/ - https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/ - https://ja.wikipedia.org/wiki/SHA-1 - https://aws.amazon.com/security/security-bulletins/aws-to-switch-to-sha256-hash-algorithm-for-ssl-certificates/ - https://googleonlinesecurity.blogspot.com/2015/10/sustaining-digital-certificate-security.html

Tecnologia
1 de 69
Baixar para ler offline
Do you trust that certificate?
@zundan
@zundan
@zundan
Important!
Introduction to modern cryptography
www.hyuki.com/cr/
Transport Layer Security
Secure Socket Layer
TLS/SSL
https://
A web application
Receives requests
Calls external resources
That handles secret information
How does app trust them?
PKI
Public-key nfrastructure
Server certificate
Signed by Certificate Authority
Certificate chain ssl.zunda.ninja:443 | COMODO RSA Validation Secure Server CA | COMODO RSA Certification Authority | | AddTrust External CA Root
One day
Error
Error SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify
I did not change anything!
but
Something outside has changed
Error SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify
Certificate chain ssl.zunda.ninja:443 | [NEW] Some Server CA | [NEW] Some Certification Authority | | [NEW] Unknown CA Root
2014-09 1024 bit hash
2015-09 SHA-1
Replace with new certs
On new CA certs
That app does not know
Certificate chain ssl.zunda.ninja:443 | [NEW] Some Server CA | [NEW] Some Certification Authority | | [????]
Error SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify
So ...
$ bundle update
well ...
Include new CA cert in app
Monkey patch to use it
Net::HTTP module Net class HTTP alias_method :original_use_ssl=, :use_ssl= def use_ssl=(flag) self.ca_file = File.dirname(__FILE__) + '/../../certs/cacert.pem' self.verify_mode = OpenSSL::SSL::VERIFY_PEER self.original_use_ssl = flag end end end
ActiveMerchant module ActiveMerchant class Connection def configure_ssl(http) return unless endpoint.scheme == "https" http.use_ssl = true if verify_peer http.verify_mode = OpenSSL::SSL::VERIFY_PEER http.ca_file = File.dirname(__FILE__) + '/../../certs/cacert.pem' else http.verify_mode = OpenSSL::SSL::VERIFY_NONE end end end end
System's CA certs
Where are they?
System's certs $ openssl version -d OPENSSLDIR: "/usr/lib/ssl" $ ls /usr/lib/ssl certs@ misc/ openssl.cnf@ private@ $ ls -l /usr/lib/ssl/certs ... /usr/lib/ssl/certs -> /etc/ssl/certs/
openssl/ssl.rb If the verify_mode is not VERIFY_NONE and ca_file, ca_path and cert_store are not set then the system default certificate store is used.
openssl/ssl.rb module OpenSSL module SSL class SSLContext def set_params(params={}) # snip if self.verify_mode != OpenSSL::SSL::VERIFY_NONE unless self.ca_file or self.ca_path or self.cert_store self.cert_store = OpenSSL::X509::Store.new end end return params end end end end
System's certs module ActiveMerchant class Connection def configure_ssl(http) return unless endpoint.scheme == "https" http.use_ssl = true if verify_peer http.verify_mode = OpenSSL::SSL::VERIFY_PEER http.ca_path = nil http.ca_file = nil else http.verify_mode = OpenSSL::SSL::VERIFY_NONE end end end end
Anyway
Remember what we trust
What are coming?
2016-06-01
Symantec certs on Google products?
Will there be updates?
On Ubuntu : 2013-01-19 2013-06-10 2013-09-06 2014-03-25 2014-10-19 2015-04-26 launchpad - ca-certificates
On ActiveMerchant 2007-03-03 2011-09-15 2015-01-16 activemerchant - active_merchant
Remember and be prepared!
Once more
www.hyuki.com/cr/
CRL
Certificate Revocation List
How are we updating this?
SSL and TLS1.0 will be disabled
PCI Compliance
Payment Card Industry
Remember what we trust
URLs 暗号技術入門 Phasing out Certificates with 1024-bit RSA Keys SHA-1 AWS to Switch to SHA256 Hash Algorithm for SSL Certificates Sustaining Digital Certificate
CC BY-ND 4.0 Presented as a lightning talk in RubyKaigi 2015 on 2015-12-12 Copyright 2015 by zunda <zundan@gmail.com>

Recomendados

EAP-TLS
EAP-TLSEAP-TLS
EAP-TLSKarri Huhtanen
 
Security issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAASecurity issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAAKarri Huhtanen
 
OAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapeOAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapePrabath Siriwardena
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkpromediakw
 
Webservice security considerations and measures
Webservice security considerations and measuresWebservice security considerations and measures
Webservice security considerations and measuresMaarten Smeets
 
XenMobile Packet Flow
XenMobile Packet FlowXenMobile Packet Flow
XenMobile Packet FlowNuno Alves
 
id.net APIs for Hosts
id.net APIs for Hostsid.net APIs for Hosts
id.net APIs for HostsEdwin J.
 
Architecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APIArchitecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APISHAKIL AKHTAR
 

Recomendados

EAP-TLS
EAP-TLSEAP-TLS
EAP-TLSKarri Huhtanen
 
Security issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAASecurity issues in RADIUS based Wi-Fi AAA
Security issues in RADIUS based Wi-Fi AAAKarri Huhtanen
 
OAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapeOAuth 2.0 Threat Landscape
OAuth 2.0 Threat LandscapePrabath Siriwardena
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkpromediakw
 
Webservice security considerations and measures
Webservice security considerations and measuresWebservice security considerations and measures
Webservice security considerations and measuresMaarten Smeets
 
XenMobile Packet Flow
XenMobile Packet FlowXenMobile Packet Flow
XenMobile Packet FlowNuno Alves
 
id.net APIs for Hosts
id.net APIs for Hostsid.net APIs for Hosts
id.net APIs for HostsEdwin J.
 
Architecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APIArchitecting &Building Scalable Secure Web API
Architecting &Building Scalable Secure Web APISHAKIL AKHTAR
 
Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeajessup
 
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...Farooq Khan
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone
 
Deep Dive In To Kerberos
Deep Dive In To KerberosDeep Dive In To Kerberos
Deep Dive In To KerberosIshan A B Ambanwela
 
Secure rest api on microservices vws2016
Secure rest api on microservices vws2016Secure rest api on microservices vws2016
Secure rest api on microservices vws2016Quý Nguyễn Minh
 
ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016Nov Matake
 
REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!Stormpath
 
Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Stormpath
 
Securing AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultSecuring AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultShrivatsa Upadhye
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerBU
 
MongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB
 
API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)Apigee | Google Cloud
 
Implementation of ssl injava
Implementation of ssl injavaImplementation of ssl injava
Implementation of ssl injavatanujagrawal
 
Techmix2014 温故知新
Techmix2014 温故知新Techmix2014 温故知新
Techmix2014 温故知新Kazuya Numata
 
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015Fernando Hamasaki de Amorim
 
Metaprogramming in Haskell
Metaprogramming in HaskellMetaprogramming in Haskell
Metaprogramming in HaskellHiromi Ishii
 
Practical Testing of Ruby Core
Practical Testing of Ruby CorePractical Testing of Ruby Core
Practical Testing of Ruby CoreHiroshi SHIBATA
 
Ruby meets Go
Ruby meets GoRuby meets Go
Ruby meets GoNTT Communications Technology Development
 
Plugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsPlugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsSadayuki Furuhashi
 
Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015Masahiro Nagano
 
TRICK2015 results
TRICK2015 resultsTRICK2015 results
TRICK2015 resultsmametter
 
Certification authority
Certification authorityCertification authority
Certification authorityproser tech
 

Mais conteúdo relacionado

Mais procurados

Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeajessup
 
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...Farooq Khan
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone
 
Secure rest api on microservices vws2016
Secure rest api on microservices vws2016Secure rest api on microservices vws2016
Secure rest api on microservices vws2016Quý Nguyễn Minh
 
ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016Nov Matake
 
REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!Stormpath
 
Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Stormpath
 
Securing AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultSecuring AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultShrivatsa Upadhye
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerBU
 
MongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB
 
API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)Apigee | Google Cloud
 
Implementation of ssl injava
Implementation of ssl injavaImplementation of ssl injava
Implementation of ssl injavatanujagrawal
 

Mais procurados (13)

Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffe
 
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...
 
Cryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined PerimeterCryptzone: The Software-Defined Perimeter
Cryptzone: The Software-Defined Perimeter
 
Deep Dive In To Kerberos
Deep Dive In To KerberosDeep Dive In To Kerberos
Deep Dive In To Kerberos
 
Secure rest api on microservices vws2016
Secure rest api on microservices vws2016Secure rest api on microservices vws2016
Secure rest api on microservices vws2016
 
ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016ID連携入門 (実習編) - Security Camp 2016
ID連携入門 (実習編) - Security Camp 2016
 
REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!
 
Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2
 
Securing AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi VaultSecuring AWS Accounts with Hashi Vault
Securing AWS Accounts with Hashi Vault
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
MongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB World 2019: MongoDB Atlas Security 101 for Developers
MongoDB World 2019: MongoDB Atlas Security 101 for Developers
 
API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)API Security from the DevOps and CSO Perspectives (Webcast)
API Security from the DevOps and CSO Perspectives (Webcast)
 
Implementation of ssl injava
Implementation of ssl injavaImplementation of ssl injava
Implementation of ssl injava
 

Destaque

Techmix2014 温故知新
Techmix2014 温故知新Techmix2014 温故知新
Techmix2014 温故知新Kazuya Numata
 
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015Fernando Hamasaki de Amorim
 
Metaprogramming in Haskell
Metaprogramming in HaskellMetaprogramming in Haskell
Metaprogramming in HaskellHiromi Ishii
 
Practical Testing of Ruby Core
Practical Testing of Ruby CorePractical Testing of Ruby Core
Practical Testing of Ruby CoreHiroshi SHIBATA
 
Plugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsPlugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsSadayuki Furuhashi
 
Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015Masahiro Nagano
 
TRICK2015 results
TRICK2015 resultsTRICK2015 results
TRICK2015 resultsmametter
 

Destaque (8)

Techmix2014 温故知新
Techmix2014 温故知新Techmix2014 温故知新
Techmix2014 温故知新
 
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
The worst Ruby codes I’ve seen in my life - RubyKaigi 2015
 
Metaprogramming in Haskell
Metaprogramming in HaskellMetaprogramming in Haskell
Metaprogramming in Haskell
 
Practical Testing of Ruby Core
Practical Testing of Ruby CorePractical Testing of Ruby Core
Practical Testing of Ruby Core
 
Ruby meets Go
Ruby meets GoRuby meets Go
Ruby meets Go
 
Plugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsPlugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGems
 
Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015Rhebok, High Performance Rack Handler / Rubykaigi 2015
Rhebok, High Performance Rack Handler / Rubykaigi 2015
 
TRICK2015 results
TRICK2015 resultsTRICK2015 results
TRICK2015 results
 

Semelhante a Do you trust that certificate?

Certification authority
Certification authorityCertification authority
Certification authorityproser tech
 
How to validate server certificate
How to validate server certificateHow to validate server certificate
How to validate server certificatecodeandyou forums
 
Secure Communications with VisualWorks - CSTUC 2006
Secure Communications with VisualWorks - CSTUC 2006Secure Communications with VisualWorks - CSTUC 2006
Secure Communications with VisualWorks - CSTUC 2006Martin Kobetic
 
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL CertificatesHashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL CertificatesNick Maludy
 
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...Siena Perry
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...Peter LaFond
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
The Importance of Monitoring SSL Certificates _ Awakish.pptx
The Importance of Monitoring SSL Certificates _ Awakish.pptxThe Importance of Monitoring SSL Certificates _ Awakish.pptx
The Importance of Monitoring SSL Certificates _ Awakish.pptxawakish
 
Securing Kafka
Securing Kafka Securing Kafka
Securing Kafka confluent
 
Kafka 2018 - Securing Kafka the Right Way
Kafka 2018 - Securing Kafka the Right WayKafka 2018 - Securing Kafka the Right Way
Kafka 2018 - Securing Kafka the Right WaySaylor Twift
 
Infrastructure Saturday 2011 - Understanding PKI and Certificate Services
Infrastructure Saturday 2011 - Understanding PKI and Certificate ServicesInfrastructure Saturday 2011 - Understanding PKI and Certificate Services
Infrastructure Saturday 2011 - Understanding PKI and Certificate Serviceskieranjacobsen
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfReliqusConsulting
 
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptxOralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptxssuser865ecd
 
The WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems OverviewThe WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems OverviewNick Owen
 

Semelhante a Do you trust that certificate? (20)

Certification authority
Certification authorityCertification authority
Certification authority
 
Ssl Https Server
Ssl Https ServerSsl Https Server
Ssl Https Server
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
 
How to validate server certificate
How to validate server certificateHow to validate server certificate
How to validate server certificate
 
Secure Communications with VisualWorks - CSTUC 2006
Secure Communications with VisualWorks - CSTUC 2006Secure Communications with VisualWorks - CSTUC 2006
Secure Communications with VisualWorks - CSTUC 2006
 
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL CertificatesHashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
Hashitalks 2021 - How the Dynamic Duo of Vault and Puppet Tame SSL Certificates
 
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Dapp
DappDapp
Dapp
 
TOP FEATURES OF CertiDApp
TOP FEATURES OF CertiDAppTOP FEATURES OF CertiDApp
TOP FEATURES OF CertiDApp
 
The Importance of Monitoring SSL Certificates _ Awakish.pptx
The Importance of Monitoring SSL Certificates _ Awakish.pptxThe Importance of Monitoring SSL Certificates _ Awakish.pptx
The Importance of Monitoring SSL Certificates _ Awakish.pptx
 
Securing Kafka
Securing Kafka Securing Kafka
Securing Kafka
 
Kafka 2018 - Securing Kafka the Right Way
Kafka 2018 - Securing Kafka the Right WayKafka 2018 - Securing Kafka the Right Way
Kafka 2018 - Securing Kafka the Right Way
 
The last picks
The last picksThe last picks
The last picks
 
Infrastructure Saturday 2011 - Understanding PKI and Certificate Services
Infrastructure Saturday 2011 - Understanding PKI and Certificate ServicesInfrastructure Saturday 2011 - Understanding PKI and Certificate Services
Infrastructure Saturday 2011 - Understanding PKI and Certificate Services
 
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdfLearn to Add an SSL Certificate Boost Your Site's Security.pdf
Learn to Add an SSL Certificate Boost Your Site's Security.pdf
 
CERTIFYING AUTHORITY
CERTIFYING AUTHORITYCERTIFYING AUTHORITY
CERTIFYING AUTHORITY
 
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptxOralce SSL walelt -TCPS_Troubleshooting_PB.pptx
Oralce SSL walelt -TCPS_Troubleshooting_PB.pptx
 
The WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems OverviewThe WiKID Strong Authentication Systems Overview
The WiKID Strong Authentication Systems Overview
 

Último

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Último (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Do you trust that certificate?