Archive for 'Security'

How to create a free SSL certificate from CAcert.org

Having an SSL certificate on your domain for encrypted traffic may be very attractive, but like me, you may get turned off at spending around $400 for personal use. CAcert.org to the rescue! They are making SSL certificates available for free. Awesome! Now I can use a valid SSL certificate for traffic on this domain. Read on for tips on how to do this yourself..
One caveat to this process, is that CAcert is currently not ‘known’ to browsers. This means you will get a warning from the browser stating it doesn’t know the signer of the SSL certificate. You can either always accept this warning, or you can tell your browser who CAcert is by installing their own certificate. To do this, go to CAcert’s Root Certificate page, and click the appropriate link for your browser. The link for IE is obvious, but for Firefox I chose the PEM format. Firefox then presented me with a helpful prompt that completed the install. After that, no more warnings! (Note: for this exact reason alone, I currently would not recommend using CAcert for commercial business, as you could make your potential customers nervous with the warning.) With that taken care of, let’s move on..

While not a complete step-by-step walkthrough, this is essentially how I created a signed SSL certificate for collicott.net from CAcert.org.

Requirements

• A host with openssl installed.
• A registered account with CAcert.org
• Access to your web server’s config to reference/install the SSL certificate

Creating an SSL certificate

1. First, I logged into my host, and created a key for the hostname I wanted to use SSL on. This key will subsequently be used to create a certificate request we will send to CAcert. Obviously, in these examples, replace out collicott.net with your hostname.
   

   $ openssl genrsa -out www.collicott.net.key 1024

   Important: Ideally, you should keep this file in a location where others cannot access it.

2. After the key is created, we want to use it to create a certificate request file to submit to CAcert. Perform this action on the *.key file (on a single line):
   

   $ openssl req -new -key www.collicott.net.key -out www.collicott.net.csr

   When you create this certificate request file, you will be asked for information for your domain. Some of this information is optional, but make sure you enter the hostname you want in the “Common Name” field (for example, www.collicott.net).

3. Now that we have the *.csr file, we need to submit it to CAcert. Log in to your CAcert account, then go to “Server Certificates”, then click “New”. At the bottom of the page, paste in the contents of the *.csr file. CAcert will then sign and create an SSL certificate for you.

Once the certificate has been sent from CAcert, we need to install it on our web server. Since there are many types of servers, and your hosting company may provide its own interface on installing an SSL certificate, I won’t go into how to do that. Our host is currently running Apache 1.3, and it was pretty easy to modify the config in about 2 places, and then restart the server. You can find information on a couple servers here:

• Apache 2.0
• IIS 5.0
• IIS 4.0

The information in this post is essentially a hybrid of my experience, and the following two support pages. If you want further information, you might start with them:

• HOWTO cacert.org SSL certificates
• CAcert: How do I generate a private key and CSR using OpenSSL?

How to reset the master password in Firefox

I’ve noticed a couple people coming to this site searching for help on resetting their master password in Mozilla Firefox, so I found help on this and am posting it here in case you happen to be one of those people.

Master password – MozillaZine Knowledge Base

If you have lost or forgotten your Master Password or you want to disable the feature, reset your master password. Note that, upon resetting, you will lose all the stored information in the Passwords Manager as this is a built-in security feature to prevent people otherwise resetting your master password and gaining access to your passwords.

• For Firefox: go to “chrome://pippki/content/resetpassword.xul” (see Chrome URLs) and click on “Reset Password”.
• For Thunderbird: “Tools -> Options (Edit -> Preferences on Linux) -> Advanced -> Saved Passwords -> Master Password -> Reset Password”.
• For Mozilla Suite: “Edit -> Preferences -> Privacy & Security -> Master Passwords -> Reset Password”.

Search for:

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Recent Posts

• Moving Windows Live Photo Gallery Managed Photos to Another Drive
• Earth | Time Lapse View from Space | Nasa, ISS
• Expand the virtual disk size of Windows 2008 Server with VMware Player / Workstation
• Fix it: Help for Checking Your Windows Security Settings
• Install SharePoint Server 2010 SP1 with Office Web Apps

Categories

• Current Events (10)
• Entertainment (6)
• General (21)
• Security (12)
• SharePoint (11)
• Software (6)
• Technology (98)

Twitter

• 15 Considerations for SharePoint Online Office 365 http://t.co/vF5FmClR 12 hours ago
• Microsoft's newspaper ad response to Google privacy policy changes: http://t.co/I86hmg03 1 day ago
• How to Add a Vanity Domain for your Office 365 Account : http://t.co/wcPHlJgL 1 week ago
• Need to break apart a PDF? Use the free CutePDF Writer to print the selected pages to a separate PDF: http://t.co/CqVY1VaZ 2 weeks ago
• RT @sharepointbuzz: Microsoft introduces Xbox-like achievements for #developers http://t.co/AqHFeAQN 2 weeks ago

Del.icio.us Links

• Optimize SharePoint 2010 with Breadcrumb Navigation
• Breadcrumb Navigation In SharePoint 2010 - SolidQ SharePoint Team Blog
• Change Settings for “New” Icon in SharePoint 2010 using PowerShell | Deliveron
• CloudShare | Share Enterprise IT On Demand In The Cloud
• SharePoint 2010 - Search service is not able to connect to Administration component server - TechNet Blogs

Experts Exchange

RSS Feeds

 RSS - Posts

 RSS - Comments