Category Archives: Information Security

Graph Data Structure

1 Reply

If you want to solve a Rubik’s cube or understand what technology google uses for its maps, this is the place for you.

Many programming problems require you to represent a non-hierarchical relationship between pairs of items. Such problems can be solved by using data structure called graph. I will discuss the concept and implementation of graphs. I will also give various applications of graphs.

We shall see the following :
– Store data in a graph
– Implement a graph
– Apply graphs to solve Programming problems

Generate CSR with getcsr

If you want an easy and quick way to generate CSR use the link below. The CSR and Keys are generated dynamically and no information is stored or tracked.Generate CSR with getcsr

Note : This is only recommended for Development and Testing environments only. Please do not use this for Production environments. Production environments need hardware to generate the keys to meet various regulatory compliance requirements.

Resolving TLS 1.2 related issues in Windows OS

Leave a reply

Recently there was a move to implement TLS1.2. All of a sudden we started seeing lot of SSL related errors and here is the fix for those errors.

1. You can change the registry value manually (Recommended for experts)

or

2. Use the following patch from Microsoft.

https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in

Certificate chaining error in Microsoft Environment.

Leave a reply

If you are using Symantec/Verisign certificate and getting errors around last quarter of 2015 then it is the result incorrect certificate chain.

This can be fixed in the following ways.
1. Obtain the intermediate certificate “VeriSign Class 3 Public Primary Certification Authority” from Symantec and import it to the “Intermediate Certification Authorities” Store.
2. Also obtain the root “Versign Class 3 Public Primary Certification – G5” certificate from Symantec and import it to the “Trusted Root Certification Authority” Store.

OR

There is also an alternate solution available, which suggests de-activating of automatic certification updates, and importing the above certificates.

There are pros and cons of each method. So please choose the solution which suits you the best.

Incomplete FCPath

Leave a reply

If you are using Symantec/Verisign certificates and seeing the “Incomplete FCPath” error around last quarter of 2015 then it is the result incorrect certificate chain. This type of error occurs with KeyStores. The following is the recommended fix to over come the problem.

1. Obtain the intermediate “Symantec Class 3 Secure Server CA – G4” certificate from Symantec and import it to the trust KeyStore.
2. Also obtain the root “Versign Class 3 Public Primary Certification – G5” certificate from Symantec and import it to the trust KeyStore.

Make sure that the KeyStore is in correct path.

The above solution will fix the error.

Similar problem also exists for windows based servers and the solution is little different.

Keys to Kingdom

Leave a reply

KeySensitive information needs to be protected. The following are the ways to protect sensitive information.

1. Choose a strong cryptographic algorithm to protect the information.
2. Use different keys to secure different information.
3. The keys shall be protected at all times.
4. Longer key-length protects the information better.
5. Keys shall be distributed securely.
6. The current key-in-use shall be used without making a copy.
7. Additional copies of the keys shall be destroyed when they are no longer required.
8. The key shall be periodically rotated.
9. The key and information should be kept separate.

Remember:

Do not lock your house and leave the key under the front doormat.