The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Archive for January 11th, 2018

badssl.com

Posted by jpluimers on 2018/01/11

I wish I had bumped into this when it got released in 2015: [WayBack] badssl.com, hosted in the cloud and maintained by two people from Google and Mozilla.

Where ssllabs.com is for checking server-side certificates, this one is for checking clients against many, many (did I already write MANY?) server-side configurations both good (with a varying set of security settings like ciphers and key exchanges) and bad.

One of the bad ones is expired.badssl.com which your clients should not be able to connect to without throwing a big error.
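An added example (not from the post or the badssl.com project): a small Python audit that runs a TLS client configuration against expired.badssl.com, named above, and flags a client that completes the handshake. Using the apex badssl.com as the known-good control, and all function names, are assumptions of this example.

```python
import socket
import ssl

# expired.badssl.com is named in the post; using the apex badssl.com as the
# known-good control is an assumption of this example.
EXPECTED = {"badssl.com": True, "expired.badssl.com": False}

def strict_context():
    return ssl.create_default_context()   # CERT_REQUIRED plus hostname check

def lax_context():
    ctx = ssl.create_default_context()
    ctx.check_hostname = False            # has to be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE       # the misconfiguration the audit catches
    return ctx

def tls_handshake(host, ctx, port=443, timeout=5.0):
    """Complete a real TLS handshake; raises on any failure."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.version()

def audit(ctx, expected=EXPECTED, handshake=tls_handshake):
    """Map host -> (passed, detail); passed is None when the network failed."""
    results = {}
    for host, should_connect in expected.items():
        try:
            handshake(host, ctx)
            connected, detail = True, "handshake completed"
        except ssl.SSLCertVerificationError as exc:
            connected = False
            detail = getattr(exc, "verify_message", None) or str(exc)
        except ssl.SSLError as exc:       # protocol or cipher failure
            connected, detail = False, str(exc)
        except OSError as exc:            # DNS, timeout, refused: not a verdict
            results[host] = (None, f"inconclusive: {exc}")
            continue
        results[host] = (connected == should_connect, detail)
    return results

if __name__ == "__main__":                # needs network access
    for name, ctx in (("strict", strict_context()), ("lax", lax_context())):
        for host, (passed, detail) in audit(ctx).items():
            print(f"{name:6} {host:20} passed={passed} ({detail})")
```

The `handshake` parameter lets the same audit wrap whatever client library is actually under test instead of the standard-library socket used here.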

Sources are at [WayBack] GitHub – chromium/badssl.com: Memorable site for testing clients against bad SSL configs.

Before using, please read their disclaimer:

badssl.com is meant for manual testing of security UI in web clients.

Most subdomains are likely to have stable functionality, but anything could change without notice. If you would like a documented guarantee for a particular use case, please file an issue. (Alternatively, you could make a fork and host your own copy.)

badssl.com is not an official Google product. It is offered “AS-IS” and without any warranties.

–jeroen

Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Security, Software Development, TCP, TLS, Web Development

.--- . .-. --- . -.

Posted by jpluimers on 2018/01/11

Happy “Learn Your Name in Morse Code Day”

–jeroen

Audio via [WayBack] https://morsecode.scphillips.com/translator.html

Posted in Fun

ACME TLS-SNI-01 validation disabled due to vulnerability – Incidents – Let’s Encrypt Community Support

Posted by jpluimers on 2018/01/11

Now that so many sites depend on LetsEncrypt: maybe it is time for a second one.

We’ve received a credible report of a problem with ACME TLS-SNI-01 validation which could allow people to get certificates they should not be able to get. While we investigate further we have disabled tls-sni-01 validation. We’ll post more information soon.

Source: [Archive.is] ACME TLS-SNI-01 validation disabled due to vulnerability – Incidents – Let’s Encrypt Community Support

Via:

–jeroen

Posted in Encryption, Let's Encrypt (letsencrypt/certbot), Power User, Security

19 Tips For Everyday Git Use

Posted by jpluimers on 2018/01/11

Great set of tips; I’ve included the intro and ToC here so it’s easier for me to find, but all the details are at [WayBack] 19 Tips For Everyday Git Use. For each paragraph, the ToC lists the relevant command. The article itself also contains some very insightful animated images of which I included one below to get an impression.


Posted in Development, DVCS - Distributed Version Control, git, Source Code Management

Reminder to self – Fiddler for OS X Beta

Posted by jpluimers on 2018/01/11

Reminder to self: [WayBack] Fiddler for OS X Beta as it’s been on my list since about a year ago: Fiddler for OS X Beta « The Wiert Corner – irregular stream of stuff.

Note that reading the certificates can be done in a simpler way for the Current version of Mono:

/Library/Frameworks/Mono.framework/Versions/Current/bin/mozroots --import --sync

I forgot in which version the Mono installer has Current linked to the most recently installed Mono version but it works well.

Executing should then be something like this:

/Library/Frameworks/Mono.framework/Versions/Current/bin/mono ~/bin/fiddler-mac/Fiddler.exe

I expect quite a bit of trouble decrypting HTTPS [Archive.is] as that was troublesome on Windows in the early Fiddler days as well.

In case of trouble, there is always Fiddler Ideas: Customer Feedback for Fiddler by Telerik. Add a new product idea or vote on an existing idea using the Fiddler by Telerik customer feedback form, via [WayBack] Tsviatko Yovtchev: “@jpluimers @ericlaw https://t.co/lRNXC88M1b is our feature suggestion/issue tracker portal. Fiddler itself notifies on new versions.”

Back to the reminder: [WayBack] Fiddler for OS X Beta.

Direct download https://telerik-fiddler.s3.amazonaws.com/fiddler/fiddler-mac.zip.



Getting started

  1. If you don’t have the Mono framework installed on your Mac

    Please download it from [WayBack] http://www.mono-project.com/download/#download-mac and install it. If you already have it installed, ensure you’re running the latest version.

  2. If you just installed Mono

    Please open Terminal and type in:

    /Library/Frameworks/Mono.framework/Versions/<Mono Version>/bin/mozroots --import --sync

    (The Mono framework has its own trusted root certificates store. Currently (at mono version 4.2.4) this store remains empty after installing Mono on OS X. Fiddler uses the certificates in this store to validate the certificates of the websites visited. So you need to populate this store with a set of commonly trusted root authorities to avoid getting constant certificate warnings from Fiddler. The mozroots tool imports trusted authorities from the Mozilla LXR.)

  3. Extract fiddler-mac.zip to a folder you have write access to.

    It is recommended that the full path to Fiddler install folder does not contain any Windows path illegal characters. (At present it is possible that some Fiddler functionality, e.g. various file exports or Fiddler Script won’t handle such paths.)

  4. Open Terminal and navigate to the folder you extracted to in step 3.

  5. Type mono Fiddler.exe in Terminal.

To further understand the benefits and limitations of Fiddler for OS X please visit [WayBack] this blog post.

–jeroen

Posted in Development, Fiddler, Software Development, Web Development

 