After creating self-signed wildcard certificates for modern browsers a while back, self-signed certificates came back to haunt me once again. This post describes a solution for creating self-signed keystores (pkcs12 or jks) in OpenShift and Kubernetes to use in Spring Boot applications to re-encrypt traffic. Actually I present 2 solutions, but the second one only … [Read more…]
Unfortunately this does not apply to the IP logged within the comment section, however the log does contain the correct IP. I will revisit this issue and may update this post. Cloudflare offers great solutions for the protection of a webpage. Although most interesting applications require a paid premium account, the free tier also provides … [Read more…]
When setting up my local K3s on a Intel NUC I thought it would be nice to use Ingress resources to access the services instead of using a node-port. As those services will only be used inside my LAN (and I didn’t want to have an invalid certificate warning) I decided to use a self-signed … [Read more…]
Until now I have mostly dealt with certificates for a specific host – and there is usually nothing wrong with doing it this way. There are easy to use tools for Let’s Encrypt which automate the retrieval of a certificate for a (sub-) domain. On a docker-compose based, (mostly) manually managed stack you would usually … [Read more…]
Issue: Another bug in SoapUI might alter the security configuration of sent SOAP Requests. This may result in broken or discarded requests. This issue can be reproduced in SoapUI 5.4.0 and 5.2.1. I have not tested other versions but I’m quite certain this problem exists in all of them. SoapUI features a dedicated “Auth” button … [Read more…]
Issue: My Sony HT-XT2 cannot be updated via internet, due to a communication error with the server – how can I MITM the connection to analyse the issue? Recently I bought a soundbar like gadget from Sony, the HT-XT2. After setting it up I tried to update the firmware via internet – the HT-XT2 can be … [Read more…]
Issue: How can I add basic authentication / password to my OpenVPN connection featuring certificates? There are quite a lot of tutorials on how to set up your own VPN server. An excellent tutorial has been published by DigitalOcean. However this (and nearly every other) tutorial feature a secure connection by either certificates or user … [Read more…]
Issue: How can I send a webservice request over SSL in SoapUI with basic proxy authentication? A few days ago I was confronted with a rather simple challenge: sending a request to an HTTPS webservice with SoapUI by SmartBear. But as you might have guessed, there’s a catch. While I’m inside the company network, my … [Read more…]