Certificate Revocation List LookupHttp://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crlHttp://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xmlhttp://ieonline.microsoft.com:443Http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crlhttp://tools.google.com:443Http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?8f5b475b26ab8cd9Http://ctldl.win
Key words: Ssl,pki,macHope: SSL uses data encryption, authentication and message integrity verification mechanisms to provide reliable connection security based on TCP and other application layer protocols.This article describes the SSL backend, security mechanisms, work processes, and typical network applications.Abbreviations:
Abbreviations
English full Name
Chinese explanation
Aes
Advanced Encrypti
Label: style blog http io color ar OSIn cryptography, CA (Certificate Authority) refers to an organization trusted by multiple users, which can create and assign public key certificates.For the sake of standardization, we will first introduce the terms that may be involved in this article,Asypolicric cryptography: asymmetric cryptography (or public key encryption and public key encryption). A key involves a key pair consisting of a public key and a private key;Key pair: a pair of public/private
to enable ssl. If not, recompile and install mysql. Note that the parameters are correct when makefile is generated.Exit mysql and edit/etc/my. cnf.Add the following configuration information between [mysqld] and [mysqldump:
ssl
Save and restart mysql. log on to mysql again.
mysql -uroot -pmysql> show variables like '%ssl%';
+---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | | | ssl_capath | | | ssl_c
/
file:///media/cdrecorder/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-centos-5
Modify the 2nd path in BaseURL to/mnt/cdrom (that is, the disc mount point)
Change Enabled=0 to 1
3, disable the default Yum network source
Change the Yum network source profile to Centos-base.repo.bak, or you will first look for the appropriate package in the network source and read it directly from the loca
users can choose to test the computer, select the item to be detected, click "Enter", agree to an "authorization agreement", you can start to test the selected items, after testing, the system will give detailed detection results (Figure 6).
Figure 4
Figure 5
Figure 6
Trial experience: Skynet online security detection system for the classification of the inspection project is very detailed, in addition to opening the first page, the system to the com
disk, use it to delete the ubuntu Partition, and then draw 6 GB space from disk D and disk G, prepare to install ubuntu together with the previous space, and start partitioning after restart.
After the partition is completed, the original D disk is N after the restart. The blank space is separated, which is mistaken for partition D by the system. I have installed Symantec Endpoint Protection. He has a residual file on drive D, which cannot be delete
from Chrome.
Open Baidu homepage with Chrome, on the left of HTTPS we will find a green lock.
Click on the lock, a popup panel appears, click on the "Details" in the panel.
This will open Chrome's developer Tool and automatically switch to the Security page.
Click on the "View Ceertificate" button to view the certificate of the website as follows:In the "General" panel, we can see that the certificate is and Symantec issued to B
The high cost and complexity of data centers has become a well-known fact, data center virtualization has also become a hot topic, but the data center is faced with how serious the problem, virtualization in the data center of the application of the heat to what extent but not many people can clearly say. Symantec Inc. released a data center survey on November 8, 2007, which surveyed data center heads of 2000 large public institutions around the world
LISTEN 0 *:5601 *:* Users: (("Node", 2042,11)
Log observation
Tail-f/var/log/kibana/kibana.stdout
At this point, we can open the browser, test access to the Kibana server http://192.168.3.17:5601/, confirm that there is no problem, as shown below:
Installing Logstash, and adding configuration files
Yum Localinstall logstash-2.3.2-1.noarch.rpm-y
Generate certificate
cd/etc/pki/tls/
OpenSSL req-subj '/cn=elk.chinasoft.com/'-x509-days 3650-batch
ensure the confidentiality and reliability of communication data between two applications, and it can be supported simultaneously on the server side and client side. Current mainstream version SSLV2, SSLV3 (Common).To build a private CA using OpenSSL:1. Generate the private key:2. Generate self-signed certificate:(1) When the private key is used to sign a certificate, it is used to add a digital signature to the certificate;(2) Certificate: Each Communication party imports this certificate to t
system installation disc
# Mount/dev/CDROM/mnt/CDROM/
2. Configure the local Yum Source
# Cd/etc/yum. Repos. d/
# Ls
Four repo files are displayed.
The CentOS-Base.repo is the configuration file for the yum network source
The CentOS-Media.repo is the configuration file of the yum local source
Modify CentOS-Media.repo
# Cat CentOS-Media.repo
# CentOS-Media.repo## This repo is used to mount the default locations for a CDROM / DVD on# CentOS-5. You can use this repo and yum to install items dir
servers to take effect permanently.To cancel the plug-in loading, run the following command;Mysql> uninstall plugin rpl_semi_sync_master;4. ssl-based master-slave ReplicationMaster-slave Replication refers to the transmission of data in plain text on the network. Therefore, it is necessary to set up ssl-based replication for the master-slave service. Here are official documents. You can also use the following configurations.Official documentation: http://dev.mysql.com/doc/refman/5.1/en/replicat
authentication from CentOS A to the current server (CentOS B.
3. Configure the CA Server (CentOS)
3.1 initialize the CA Service and create the required files# Cd/etc/pki/CA/# Touch index.txt // create an index file# Echo 01> serial // create a serial number File
3.2 CA self-signed certificateGenerate Private Key# (Umask 077; openssl genrsa-out/etc/pki/CA/private/cakey. pem2048)Use the private key to genera
-- enable-openssl -- enable-addrblock -- enable-unity \5 -- enable-certexpire -- enable-radattr -- enable-tools -- enable-openssl -- disable-gmp -- enable-kernel-libipsec
4. Compile and install:1 make; make install
If no error is reported after compilation and version information is displayed using the ipsec version command, the installation is successful.Configure Certificate
1. Generate the private key of the CA certificate
1 ipsec pki -- gen -- ou
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.