Introduction In this guide I will walk through the process of hardening HTTPS connectors used by Apache Tomcat. As unfortunately the default configuration of Ubuntu 14.04 LTS using Tomcat 7 and OpenJDK 7 are vulnerable to a number of attacks and weak encryptions. You can test your own site’s HTTPS implementation against these weaknesses at… Continue reading Secure and harden Apache Tomcat’s SSL/TLS
Category: Security
Create self-signed certificates for HTTPS with Apache Tomcat
This entry will guide through the process of creating a self-signed certificate to use on an Apache Tomcat 7 or 8 HTTPS connector. Self-signed certificates allow secure, encrypted HTTPS connections but are not certified by any trusted certificate authority. So first time client connections will receive all kinds of warnings from their web browser. Because of… Continue reading Create self-signed certificates for HTTPS with Apache Tomcat
KeePass 2, Password Management
With the recent admission from Adobe that it lost over 150 million user accounts from its online database in October. I thought it would be wise to go over my tool of choice for password management, KeePass. In the case of the Adobe breach hackers managed to get the email addresses, passwords, credit/debit card details… Continue reading KeePass 2, Password Management