Posted on

Certificates for Internal Servers

I often get the question from customers "How do I make a browser trust my internal Intranet web server". Is it possible to use trusted certificates for Intranet servers? The short answer is yes. It is possible, and I'll show you two ways this can be solved. But what exactly is an Intranet server?

What Is an Intranet Server?

An Intranet (internal) server is one that runs on a private (home/business) network with a non-public IP address -- that is, any IPv4 address in the RFC 1918 range (e.g. 10.0.0.0, 172.16.0.0, 192.168.0.0) and any IPv6 address in the RFC 4193 range.

Posted on

Using Client Certificates Vs Passwords and MFA for Authentication

Introduction

Identity is the new perimeter, and it is becoming increasingly challenging to secure thanks to distributed workforces and unprecedented levels of remote work forced by COVID-19. Security used to consist simply of using firewalls to defend your network’s perimeter. Now, with today’s complex IT ecosystem including multi-cloud environments, IoT, DevOps, and BYOD mobile phones and other devices, securing the identities of people, devices, and systems is more difficult than ever.

The 2020 Data Breach Investigations Report by Verizon found that more than 80% of breaches tied to hacking involve the use of lost or stolen credentials or brute force, a fact that highlights the weaknesses of password-based authentication in the WFH era. While COVID-19 has precipitated the widespread adoption of remote work across all industries and sectors that rely on knowledge workers, many believe that it is here to stay. In fact, 38% of respondents to the recent Voice of the Enterprise Digital Pulse flash survey from 451 Research (S&P Global) believe that working from home will likely be long-term or permanent.

Posted on

The Most Common Java Keytool Keystore Commands

Java Keytool Keystore Commands

The platform that manages the private keys and certificates is called Java Keytool. It has the ability through which public/private keys and certificate manage in addition to caching certificates. The storing place of keys and certificates is named by Java as Keystore. Java Keystore represents a file. The private keys are protected with a password in Keystore. The chain of trust and primary certificate trustworthiness is established by Keytool Keystore that is necessary to protect the private keys and certificates.

A unique alias is associated with each certificate in Java Keystore. First, you have to create a .jks file that will initially consist of only private keys. After that, CSR needs to be generated from which certificate will be generated. Then the certificate should be imported into the Keystore including root certificates. There are various functions that are performed by the Java Keytool like viewing of certificate details or a list of certificates consist of export a certificate.