Network Security - Programming - Nairaland
Nairaland Forum / Science/Technology / Programming / Network Security (1229 Views)
Cyber Security And Network Security / Network Security Tools! Super Scan 4 Port Scanner Latest Version / Calling All Network Security/ Computer Science (2) (3) (4)
| Network Security by arinolaa(f): 11:15pm On Dec 28, 2016 |
If anyone on here is studied network security in university please contact me. I need help with something. thanks. |
| Re: Network Security by rushman003: 11:27pm On Dec 28, 2016 |
What do you want to do? Its best you share it here for deliberation rather than contacting, |
| Re: Network Security by arinolaa(f): 11:48pm On Dec 28, 2016 |
rushman003: Hey thanks for getting back to me! I need to create a SSL certificate using terminal via Ubuntu, can you help? |
| Re: Network Security by dunjoye(m): 2:24am On Dec 29, 2016 |
I can help. Email me.: dunjoye4real@Gmail. Com I ll shoot up an Amazon ec2 ubuntu instance and walk u through the process. Then you can implement it on your own |
| Re: Network Security by arinolaa(f): 1:36pm On Dec 29, 2016 |
dunjoye: Hello Dunjoye! Thanks for responding. Please check your email. |
| Re: Network Security by dunjoye(m): 2:18pm On Dec 30, 2016 |
Although i dont know what exactly you are implementing your SSL for, which for me i did it successfuly when using https to secure apache http and nginx webservers, since method varies depending on your use case. (If u want to share your use case to make it easier to understand and apply best practice). with a webserver, u probably want to use https to secure server and u want to use a Certificate Authority(CA) to issue the SSL certificate, if your CA supports SHA-2, add the -sha256 option to sign the CSR(Certificate Signing Request, which contains the public key of your key pair and some other information which are inserted into the certificate when it is signed), CSRs can be used to request SSL certificates from a certificate authority PS: if you would like to obtain an SSL certificate from a certificate authority (CA), you must generate a CSR which was what you did on line 2 of your snippet. from what you wrote above there, You generated a 2048-bit private key (server.key) and a CSR domain(server.csr). if you want to try again from scratch, i use this: openssl req \ -newkey rsa:2048 -nodes -keyout server.key \ -out server.csr N.B: anwser d csr info prompt to complete the process, -newkey rsa:2048 option specifies that the key should be 2048-bit generated using the RSA algorithm -nodes specifies that the private key should not be encrypted with a pass phrase in your case of openssl req, the -new option indicates that a csr is being generated. Now lets generate the SSL certificates> if you would like to use an SSL certificate to secure a service but you dont need a CA-signed certificate, a valid and free solution is to sign your own certificates(self-signed certificates). lets try to make somethings clear and more understandable. a common type of certificate that u can issue yourself is self signed certificate which is signed with its own private key(server.key). self signed certificates can be used to encrypt data just as well as CA-signed certificates. but your users will b prompt that the certificate is not trusted by their browser since u are not using a CA, certificate authority. so self signed certificates are mostly use if u do not need to prove your service identity to users, in labs and or non production servers. use case: using HTTPS to secure APACHE HTTP or Nginx web server with Self signed certificate (we do not require that our certificate is signed by a CA) so lets re structure your command: which will create a 2048-bit private key(server.key) and a self signed certificate(server.crt), openssl req \ -newkey rsa:2048 -nodes -keyout server.key \ -x509 -days 365 -out server.crt -x509 options tells openssl req to create a self signed certificate, -days 365 specifies the certificate will be valid for 365days, a temporary CSR is generated to gather infomation to associate with the certificate.. answer the csr imformation prompt to your needs certificates and CSR files are encoded in pem format. to view csr entries and certifcate entries and verify them openssl req -text -noout -verify -in server.csr >this command allows u to view content of csr in pain text openssl -x509 -text -noout -in server.crt > this command allows u to view the content of your certificate NOTE: sometimes version of ssl affects command line options. i have used openssl 1.0, so any 1.0 above should work perfect. (openssl version -a to check your version) also sometimes u may need to include path to key folder, e.g with nginx(/etc/nginx/ssl/server.key) Hopefully this helps. let me know if u have any issues This is also useful: http://www.akadia.com/services/ssh_test_certificate.html |
| Re: Network Security by Whytelyon(m): 10:21pm On Dec 30, 2016 |
If it's network certificate, most times most fellows configure open ssl , not very expert myself hence I did decide to get you a step by step tut. I'm not a network person, know programming mainly. But open ssl is most secure for this kind of stuff https://www.tbs-certificates.co.uk/FAQ/en/openssl-windows.html |
(1) (Reply)
Connecting Delta State Programmers / I Need A Website / Mobile App Developers Needed
(Go Up)
| Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 19 |