Friday, August 22, 2008

Use the openssl command to convert between formats as follows:

0. To convert a certificate from PEM to DER:
0. x509 –in input.crt –inform PEM –out output.crt –outform DER
0. To convert a certificate from DER to PEM:
0. x509 –in input.crt –inform DER –out output.crt –outform PEM
0. To convert a key from PEM to DER:
0. rsa –in input.key –inform PEM –out output.key –outform DER
0. To convert a key from DER to PEM:
0. rsa –in input.key –inform DER –out output.key –outform PEM

posted by eCo at 2:27 PM 0 comments

Friday, October 26, 2007

OCS 2007 APIs

Just came across an overview of the OCS 2007 APIs.
Find it here

posted by eCo at 7:09 AM 0 comments

Wednesday, July 04, 2007

Notes/Domino Calendaring & Scheduling field descriptions

I found a complete (?) descritption of the Calendaring & Scheduling field descriptions, this is nice to have when working with such applications. The list is available here.

posted by eCo at 1:47 AM 0 comments

Monday, May 14, 2007

How do I sign my jar files?

I found myself having a .spc and a .pvk file, but how do I use those for signing a JAR file?

This is how I did:
  1. Open the console
  2. Type pvkimport (download from http://office.microsoft.com/downloads/2000/pvkimprt.aspx)
  3. Follow the onscreen wizard
  4. A pck file was created
  5. Now we need to know the alias that corresponds to this file
  6. Type keytool -list -storetype pkcs12 -keystore mycredentials.pfx
  7. You will see an output like this

    Keystore type: pkcs12
    Keystore provider: SunJSSE

    Your keystore contains 1 entry

    xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, May 14, 2007, keyEntry,
    Certificate fingerprint (MD5): hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh


  8. The alias is the "xxxxxxxx-xxxx-..." part
  9. Sign your JARs using
    jarsigner -storetype pkcs12 -keystore mycredentials.pfx file.jar "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
Happy signing

posted by eCo at 11:35 AM 0 comments

Tuesday, May 08, 2007

Using Apache Axis with integrated Windows Authentication

Occasionally you might want to use Apache Axis with the Integrated Windows Authentication. To do so you need to tell Axis to use different class for HTTP communication than it normally does. I found this post on Mark Mascolino's place on the web on how to do so:

"I haven't seen a single place that describes everything that you need to do in order to use Apache Axis to access web services that are protected using IIS's Integrated Windows Authentication (or NTLM) scheme. Its not very hard to get the product to support it, but the documentation isn't all in one place.

In order for Axis to support Integrated Windows Authentication, you need to tell the Axis client to use a different class for HTTP communications. In Axis parlance, these classes are called Handlers, that is they are subclasses of Handler. By default, the Axis client uses the HTTPSender for its communications. The CommonsHTTPSender however is the one that supports Integrated Windows Authentication. The easiest way to use to instruct the Axis client to use this class for HTTP communications is to create a custom client-config.wsdd file. Here is a simple one that enables using the CommonsHTTPSender class for HTTP communication:




<?xml version="1.0" encoding="UTF-8"?>

<deployment name="commonsHTTPConfig"

xmlns="http://xml.apache.org/axis/wsdd/"

xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">



<transport name="http" pivot="java:org.apache.axis.transport.http.CommonsHTTPSender" />

<transport name="local" pivot="java:org.apache.axis.transport.local.LocalSender" />


<transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender" />



</deployment>


One easy way to make sure that Axis notices your configuration file is to store this file in the classpath at the location org/apache/axis/client. The client will find this configuration file dynamically at runtime. There are several other ways configure the Axis client that may be more appropriate to your situation.

Lastly, make sure your classpath includes Apache Jakarta Commons Http Client and Apache Jakarta Commons Codec. If you are using Apache Axis 1.3, you must use the 3.x series of Http Client.

Once you have done this, you should be able to use Apache Axis against web services that are protected by Integrated Windows Authentication.

Update: To answer Yuhua's question from below, specifing usernames and passwords is no different than any other Axis based webservice. For whatever generated class implements the Stub interface, you can call the setUsername(String) and setPassword(String) methods. The username component would consist of your domain name as well as your username, seperated by a backslash."

posted by eCo at 5:37 AM 1 comments

Friday, April 20, 2007

Digitally sign you files

Releasing software, I find it necessary to sign my msi files. If you do have the certificate (of course you have, right?), its quite easy.

If you only need to sign a file, and really don't want to import the certificate into your local store, typing signtool.exe signwizard from your command console will do. This brings up a wizard that lets you choose the file to sign, lets you choose to use a certificate from you local store or from a file, certain parameters (no big surprises there really) and overwrites the old unsigned file with the newly now signed one. Its that easy.

If you want to run signtool in an automatic process, its no problem to do so, Stuart Preston's blog has a nice entry that tells you how

posted by eCo at 12:05 AM 0 comments

Wednesday, March 28, 2007

I recently came across the complete (?) list of Windows Update codes. Great info while debugging.

posted by eCo at 7:17 AM 0 comments