Creating a keystore for plugin signing the easy way
•Download as PPT, PDF•
0 likes•1,477 views
How to create a keystore for jar-file signing and how to export the certificate for use with Lotus Domino policies to broadcast the trust to Notes clients.
Report
Share
Report
Share
Recommended
Client certificate validation in windows 8
Client certificate and token decryption in winRT apps.
* Decoding xml token
* Accessing local x509 certificates
* Certificate validation and decryption
* Certificate enrollment
There’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORMMikkel Flindt Heisterberg
"There’s an API for that! Why and how to build on the IBM Connections PLATFORM" from Social Connections VII in Stockholm, Sweden 13-14 November 2014.BP207 - Easy as pie creating widgets for ibm connections
This document provides an overview and introduction to developing widgets for IBM Connections. It discusses the IBM Connections architecture and how widgets fit into it. The key aspects covered include:
- How widgets are configured in widgets-config.xml and the iWidget specification for developing widgets
- Using the iContext and iEvents APIs to access necessary information and functionality
- Internationalization of widget titles and resources
- Best practices for logging, avoiding conflicts, and optimizing performance
The presentation aims to educate developers on the widget infrastructure and give guidance for building effective and optimized widgets for IBM Connections. Key areas like accessing REST APIs, proxy usage, and context handling when making asynchronous calls are demonstrated.
An Introduction to Working With the Activity Stream
Presentation about working with the Activity Stream in IBM Connections 4+ meaning what the concepts behind the Activity Stream are, who to work with it and how to perform many of the tasks you would need to do such as marking/unmarking as actionable etc.
BP309 Project Management Inside and Outside the Box
IBM Connections can help revolutionize project management by providing a single source of truth for all project information and enabling teams to connect, communicate, coordinate, and collaborate more effectively from inside and outside the collaboration tool. It allows teams to manage project components, track work through version control, easily share and discuss information, and capture related communications and documents. Extending Connections through APIs and widgets provides additional functionality for activities like notifying teams, embedding experiences, and reading/updating data to bridge systems together.
Social Connections VI Prague - An introduction to ibm connections as an appde...
Social Connections VI Prague - An introduction to ibm connections as an appde...Mikkel Flindt Heisterberg
"There’s an API for that! Why and how to build on the IBM Connections PLATFORM
" presentation from Social Connections VI in Prague on 16-17 June 2014.Plug yourself in and your app will never be the same (1 hr edition)
The document provides an overview of plugin development for Lotus Notes, Domino and Sametime applications using the Lotus Expeditor Toolkit. It discusses what plugins can do, how to install the Expeditor Toolkit plugin in Eclipse, the basic anatomy of a plugin, key extension points, and how to build user interfaces with SWT and jobs. The presentation also demonstrates how to create a sample plugin that reads data from a web service and displays it in a sidebar panel.
Lotus Notes Plugin Installation For Dummies
This document discusses how to install plugins into Lotus Notes from an update site. It explains that plugins can add functionality to Notes and can be mapped to Eclipse features. It provides information on how plugins are installed from an update site using a widget descriptor file and update site URL. The document also covers automating widget installs through Lotus Domino policies and setting security and desktop options.
Recommended
Client certificate validation in windows 8
Client certificate and token decryption in winRT apps.
* Decoding xml token
* Accessing local x509 certificates
* Certificate validation and decryption
* Certificate enrollment
There’s an API for that! Why and how to build on the IBM Connections PLATFORM
There’s an API for that! Why and how to build on the IBM Connections PLATFORMMikkel Flindt Heisterberg
"There’s an API for that! Why and how to build on the IBM Connections PLATFORM" from Social Connections VII in Stockholm, Sweden 13-14 November 2014.BP207 - Easy as pie creating widgets for ibm connections
This document provides an overview and introduction to developing widgets for IBM Connections. It discusses the IBM Connections architecture and how widgets fit into it. The key aspects covered include:
- How widgets are configured in widgets-config.xml and the iWidget specification for developing widgets
- Using the iContext and iEvents APIs to access necessary information and functionality
- Internationalization of widget titles and resources
- Best practices for logging, avoiding conflicts, and optimizing performance
The presentation aims to educate developers on the widget infrastructure and give guidance for building effective and optimized widgets for IBM Connections. Key areas like accessing REST APIs, proxy usage, and context handling when making asynchronous calls are demonstrated.
An Introduction to Working With the Activity Stream
Presentation about working with the Activity Stream in IBM Connections 4+ meaning what the concepts behind the Activity Stream are, who to work with it and how to perform many of the tasks you would need to do such as marking/unmarking as actionable etc.
BP309 Project Management Inside and Outside the Box
IBM Connections can help revolutionize project management by providing a single source of truth for all project information and enabling teams to connect, communicate, coordinate, and collaborate more effectively from inside and outside the collaboration tool. It allows teams to manage project components, track work through version control, easily share and discuss information, and capture related communications and documents. Extending Connections through APIs and widgets provides additional functionality for activities like notifying teams, embedding experiences, and reading/updating data to bridge systems together.
Social Connections VI Prague - An introduction to ibm connections as an appde...
Social Connections VI Prague - An introduction to ibm connections as an appde...Mikkel Flindt Heisterberg
"There’s an API for that! Why and how to build on the IBM Connections PLATFORM
" presentation from Social Connections VI in Prague on 16-17 June 2014.Plug yourself in and your app will never be the same (1 hr edition)
The document provides an overview of plugin development for Lotus Notes, Domino and Sametime applications using the Lotus Expeditor Toolkit. It discusses what plugins can do, how to install the Expeditor Toolkit plugin in Eclipse, the basic anatomy of a plugin, key extension points, and how to build user interfaces with SWT and jobs. The presentation also demonstrates how to create a sample plugin that reads data from a web service and displays it in a sidebar panel.
Lotus Notes Plugin Installation For Dummies
This document discusses how to install plugins into Lotus Notes from an update site. It explains that plugins can add functionality to Notes and can be mapped to Eclipse features. It provides information on how plugins are installed from an update site using a widget descriptor file and update site URL. The document also covers automating widget installs through Lotus Domino policies and setting security and desktop options.
Lotusphere 2012 - Show115 - Socialize Your Apps Using OpenSocial
1. Add fields for when, where, and address to the content document using Domino Designer.
2. Update the content_EditContent custom control XPage to display the new fields.
3. Update the layout_UserTabs custom control XPage to display the new fields on the Details tab.
This enhances the application to collect more event details and display them for editing and viewing the event registration details.
BP301 - An introduction to working with the activity stream
This document provides an introduction to working with the activity stream in IBM Connections. It discusses what the activity stream is and is not, including that it is a list of recent activities and notifications, not a replacement for email. It also covers the basics of interacting with the activity stream through its REST API, including how to post, retrieve, and work with different types of entries in the stream. An example agenda for the session is provided that will discuss these topics in more detail.
Bp209
The document discusses APIs and provides advice on designing good APIs. It begins with defining what an API is and explaining why organizations build APIs. It then discusses considerations for designing good APIs such as planning use cases, choosing protocols and data formats, and supporting developers. The document also covers topics like API versioning, security, authentication, and lessons learned from building APIs.
Introduction to OAuth
OAuth 2.0 for developers - the technology you need but never really learned. This presentation acts as a simple, easy to digest, introduction to the OAuth 2.0 protocol as well as a practical guide for administrators of IBM Connections and developers developing solutions for IBM Connections.
Introduction to OAuth 2.0 - the technology you need but never really learned
Introduction to OAuth 2.0 - the technology you need but never really learnedMikkel Flindt Heisterberg
This document provides an overview of OAuth 2.0 and how it can be used by developers to access user data from an API or service without requiring the user's credentials. It begins with explaining the problem that OAuth solves by allowing access to user data without sharing usernames and passwords. It then demonstrates the OAuth flow through diagrams and descriptions of the steps. These include generating an authorization URL, exchanging the authorization code for tokens, making requests with the access token, and refreshing tokens. The document concludes by noting that a demonstration of OAuth will be shown.IBM Connections 5 Gæstemodel
Præsentation fra Dannotes konferencen i november 2014 omkring hvordan gæstemodellen (guest model) i IBM Connections 5 fungerer, hvad det kræver og hvordan det ser ud for brugerne.
Death by PowerPoint
This document provides tips for creating effective PowerPoint presentations. It notes that many presentations are "unbearable" due to a lack of significance, structure, simplicity, and rehearsal. It emphasizes the importance of having a clear purpose for your presentation, using a simple structure like problem-solution, keeping slides concise with minimal text and images over clipart, writing speaker notes instead of long slides for printing, and rehearsing your presentation aloud to work out any issues. The overall message is that presentations should be passionate, memorable and scalable through a focus on simplicity and clarity of message.
Java Cert Pki
The document discusses digital certificates and public key infrastructure (PKI). It describes what information is contained in X.509 certificates and how they are used to verify identities and authenticate users. It also explains how the Java keytool can be used to generate key pairs, certificates, and manage a keystore containing private keys and certificate chains. Finally, it provides examples of Java programs for printing certificate information and building a certificate authority to sign other certificates.
Managing Websphere Application Server certificates
This document discusses managing and replacing SSL certificates in WebSphere 6.1. By default, WebSphere 6.1 uses key stores and trust stores to manage certificates rather than dummy keys. It provides tools in the admin console to manage certificates at different configuration scopes. It also describes how to manually replace expired certificates, including updating key stores, trust stores, and plugin configuration files.
Types of ssl commands and keytool
Know the various type of SSL Commands and Key tool which are useful for successful installation of SSL Certificate.
WebLogic in Practice: SSL Configuration
The document provides an overview of SSL configuration in Oracle WebLogic Server. It discusses key SSL concepts like key pairs, certificates, and certificate authorities. It describes how WebLogic uses Java keystores for identity and trust, and the tools like keytool and orapki that can be used to manage keys and certificates. The document also covers best practices for SSL configuration in WebLogic like always enabling hostname verification and not using demo certificates in production.
AD authentication with be eID
This document provides instructions to configure an Active Directory domain to enable authentication using Belgian electronic identity (eID) smartcards. It involves setting domain policies, customizing the domain controller and client registry settings, importing the Belgian public key authority certificates, and mapping a user's eID certificate to their account. The goal is to allow users to log into the domain by inserting their eID card and entering their PIN, without needing separate username and password.
Advanced Pen Testing Techniques-DNS-WMI
This document discusses advanced penetration testing techniques using reverse DNS and Windows Management Instrumentation (WMI). It describes how attackers can use DNS tunneling to sneak data in and out of an organization by encapsulating it within DNS packets. It also explains how WMI events on Windows systems can be used to persistently run agents and payloads even after reboots by binding event filters and consumers. Detection techniques involving WMI monitoring are also presented. The document aims to educate penetration testers and security professionals about these stealthy techniques being used by cybercriminals.
GUIDE ON INSTALLING SSL CERTIFICATE ON IBM HTTP SERVER
The document provides steps to install an SSL certificate on an IBM HTTP web server:
1. Open the key management utility and select the key database file to open it. Add any root and intermediate certificates by selecting them from their file locations.
2. To install the primary certificate, select the "Personal Certificate" option and browse to the certificate file location to receive and add the certificate to the key database.
3. The SSL certificate is now installed on the IBM HTTP web server. Additional SSL resources for the server are also provided.
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
Talk by Nick Maludy on using Puppet and HashiCorp Vault on implementing PKI (Public Key Infrastructure) for SSL certificates.
This was presented at Puppet Camps Central 2020
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The document discusses using Puppet and Vault together to dynamically manage SSL certificates. Puppet can use the vault_cert resource to request signed certificates from Vault and configure services to use the certificates. On Windows, some additional logic is needed to retrieve certificates' thumbprints and bind services to certificates using those thumbprints. This approach provides automated certificate renewal and distribution across platforms.
Implementing Certificate Based Authentication for HCL Traveler Access - Enga...
Implementing Certificate Based Authentication for HCL Traveler Access
Domino Certificate Based Authentication
HCL Verse
Android Devices
Mutual Authentication
Create CA & User Certificates
Import CA Certificate
Import User Certificates
Java cacerts
Domino Keyring
make_certs.cmd
Certificate Based Authentication
EngageUG 2020
#EngageUG
Milan Matejic
Signature verification of kernel module and kexec
The document discusses signature verification of kernel modules and the kexec binary loader in Linux. It describes:
1) How to enable kernel module signing using config options to cryptographically sign modules during installation and check signatures on loading.
2) How to generate signing keys, sign modules, and require valid signatures.
3) The mechanism where modules contain a signature string and metadata for verification.
4) How kexec can verify signatures of PE signed bzImage binaries using Authenticode signatures embedded in the COFF format.
5) The steps to enable verification in kexec, sign bzImages, and load signed kernels via kexec for testing.
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
The document discusses various ways that authentication tokens can be abused to bypass security protections. It describes how some implementations of token parsing and signature verification are vulnerable to arbitrary code execution or information disclosure attacks due to inconsistencies in how signing keys and security tokens are resolved from token metadata. Specific attacks are demonstrated against Windows Communication Foundation, Windows Identity Foundation, and SharePoint Server due to differences in how key and token resolution are handled for signature verification versus token authentication.
Implementing application security using the .net framework
This document provides an overview of application security features in the Microsoft .NET Framework. It covers code access security, role-based security using identities and principals, cryptography services for encryption and signing, securing ASP.NET web applications using forms authentication and validation controls, and securing ASP.NET web services using message-level security standards. The document also includes demonstrations of implementing these various security techniques in .NET applications and web services.
Collecting Symantec Code Signing Certificate - CodeSigningStore
Follow this to easily navigate the collection or, “pick-up” process after issuance and learn how to, export the certificate from your browser.
Exploiting XPC in AntiVirus
In this talk we will publish our research we conducted on 28 different AntiVirus products on macOS through 2020. Our focus was to assess the XPC services these products expose and if they presented any security vulnerabilities. We will talk about the typical issues, and demonstrate plenty of vulnerabilities, which typically led to full control of the given product or local privilege escalation on the system. At the end we will give advice to developers how to write secure XPC services.
More Related Content
Viewers also liked
Lotusphere 2012 - Show115 - Socialize Your Apps Using OpenSocial
1. Add fields for when, where, and address to the content document using Domino Designer.
2. Update the content_EditContent custom control XPage to display the new fields.
3. Update the layout_UserTabs custom control XPage to display the new fields on the Details tab.
This enhances the application to collect more event details and display them for editing and viewing the event registration details.
BP301 - An introduction to working with the activity stream
This document provides an introduction to working with the activity stream in IBM Connections. It discusses what the activity stream is and is not, including that it is a list of recent activities and notifications, not a replacement for email. It also covers the basics of interacting with the activity stream through its REST API, including how to post, retrieve, and work with different types of entries in the stream. An example agenda for the session is provided that will discuss these topics in more detail.
Bp209
The document discusses APIs and provides advice on designing good APIs. It begins with defining what an API is and explaining why organizations build APIs. It then discusses considerations for designing good APIs such as planning use cases, choosing protocols and data formats, and supporting developers. The document also covers topics like API versioning, security, authentication, and lessons learned from building APIs.
Introduction to OAuth
OAuth 2.0 for developers - the technology you need but never really learned. This presentation acts as a simple, easy to digest, introduction to the OAuth 2.0 protocol as well as a practical guide for administrators of IBM Connections and developers developing solutions for IBM Connections.
Introduction to OAuth 2.0 - the technology you need but never really learned
Introduction to OAuth 2.0 - the technology you need but never really learnedMikkel Flindt Heisterberg
This document provides an overview of OAuth 2.0 and how it can be used by developers to access user data from an API or service without requiring the user's credentials. It begins with explaining the problem that OAuth solves by allowing access to user data without sharing usernames and passwords. It then demonstrates the OAuth flow through diagrams and descriptions of the steps. These include generating an authorization URL, exchanging the authorization code for tokens, making requests with the access token, and refreshing tokens. The document concludes by noting that a demonstration of OAuth will be shown.IBM Connections 5 Gæstemodel
Præsentation fra Dannotes konferencen i november 2014 omkring hvordan gæstemodellen (guest model) i IBM Connections 5 fungerer, hvad det kræver og hvordan det ser ud for brugerne.
Death by PowerPoint
This document provides tips for creating effective PowerPoint presentations. It notes that many presentations are "unbearable" due to a lack of significance, structure, simplicity, and rehearsal. It emphasizes the importance of having a clear purpose for your presentation, using a simple structure like problem-solution, keeping slides concise with minimal text and images over clipart, writing speaker notes instead of long slides for printing, and rehearsing your presentation aloud to work out any issues. The overall message is that presentations should be passionate, memorable and scalable through a focus on simplicity and clarity of message.
Viewers also liked (7)
Lotusphere 2012 - Show115 - Socialize Your Apps Using OpenSocial
Lotusphere 2012 - Show115 - Socialize Your Apps Using OpenSocial
BP301 - An introduction to working with the activity stream
BP301 - An introduction to working with the activity stream
Introduction to OAuth 2.0 - the technology you need but never really learned
Introduction to OAuth 2.0 - the technology you need but never really learned
Similar to Creating a keystore for plugin signing the easy way
Java Cert Pki
The document discusses digital certificates and public key infrastructure (PKI). It describes what information is contained in X.509 certificates and how they are used to verify identities and authenticate users. It also explains how the Java keytool can be used to generate key pairs, certificates, and manage a keystore containing private keys and certificate chains. Finally, it provides examples of Java programs for printing certificate information and building a certificate authority to sign other certificates.
Managing Websphere Application Server certificates
This document discusses managing and replacing SSL certificates in WebSphere 6.1. By default, WebSphere 6.1 uses key stores and trust stores to manage certificates rather than dummy keys. It provides tools in the admin console to manage certificates at different configuration scopes. It also describes how to manually replace expired certificates, including updating key stores, trust stores, and plugin configuration files.
Types of ssl commands and keytool
Know the various type of SSL Commands and Key tool which are useful for successful installation of SSL Certificate.
WebLogic in Practice: SSL Configuration
The document provides an overview of SSL configuration in Oracle WebLogic Server. It discusses key SSL concepts like key pairs, certificates, and certificate authorities. It describes how WebLogic uses Java keystores for identity and trust, and the tools like keytool and orapki that can be used to manage keys and certificates. The document also covers best practices for SSL configuration in WebLogic like always enabling hostname verification and not using demo certificates in production.
AD authentication with be eID
This document provides instructions to configure an Active Directory domain to enable authentication using Belgian electronic identity (eID) smartcards. It involves setting domain policies, customizing the domain controller and client registry settings, importing the Belgian public key authority certificates, and mapping a user's eID certificate to their account. The goal is to allow users to log into the domain by inserting their eID card and entering their PIN, without needing separate username and password.
Advanced Pen Testing Techniques-DNS-WMI
This document discusses advanced penetration testing techniques using reverse DNS and Windows Management Instrumentation (WMI). It describes how attackers can use DNS tunneling to sneak data in and out of an organization by encapsulating it within DNS packets. It also explains how WMI events on Windows systems can be used to persistently run agents and payloads even after reboots by binding event filters and consumers. Detection techniques involving WMI monitoring are also presented. The document aims to educate penetration testers and security professionals about these stealthy techniques being used by cybercriminals.
GUIDE ON INSTALLING SSL CERTIFICATE ON IBM HTTP SERVER
The document provides steps to install an SSL certificate on an IBM HTTP web server:
1. Open the key management utility and select the key database file to open it. Add any root and intermediate certificates by selecting them from their file locations.
2. To install the primary certificate, select the "Personal Certificate" option and browse to the certificate file location to receive and add the certificate to the key database.
3. The SSL certificate is now installed on the IBM HTTP web server. Additional SSL resources for the server are also provided.
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
Talk by Nick Maludy on using Puppet and HashiCorp Vault on implementing PKI (Public Key Infrastructure) for SSL certificates.
This was presented at Puppet Camps Central 2020
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The document discusses using Puppet and Vault together to dynamically manage SSL certificates. Puppet can use the vault_cert resource to request signed certificates from Vault and configure services to use the certificates. On Windows, some additional logic is needed to retrieve certificates' thumbprints and bind services to certificates using those thumbprints. This approach provides automated certificate renewal and distribution across platforms.
Implementing Certificate Based Authentication for HCL Traveler Access - Enga...
Implementing Certificate Based Authentication for HCL Traveler Access
Domino Certificate Based Authentication
HCL Verse
Android Devices
Mutual Authentication
Create CA & User Certificates
Import CA Certificate
Import User Certificates
Java cacerts
Domino Keyring
make_certs.cmd
Certificate Based Authentication
EngageUG 2020
#EngageUG
Milan Matejic
Signature verification of kernel module and kexec
The document discusses signature verification of kernel modules and the kexec binary loader in Linux. It describes:
1) How to enable kernel module signing using config options to cryptographically sign modules during installation and check signatures on loading.
2) How to generate signing keys, sign modules, and require valid signatures.
3) The mechanism where modules contain a signature string and metadata for verification.
4) How kexec can verify signatures of PE signed bzImage binaries using Authenticode signatures embedded in the COFF format.
5) The steps to enable verification in kexec, sign bzImages, and load signed kernels via kexec for testing.
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
The document discusses various ways that authentication tokens can be abused to bypass security protections. It describes how some implementations of token parsing and signature verification are vulnerable to arbitrary code execution or information disclosure attacks due to inconsistencies in how signing keys and security tokens are resolved from token metadata. Specific attacks are demonstrated against Windows Communication Foundation, Windows Identity Foundation, and SharePoint Server due to differences in how key and token resolution are handled for signature verification versus token authentication.
Implementing application security using the .net framework
This document provides an overview of application security features in the Microsoft .NET Framework. It covers code access security, role-based security using identities and principals, cryptography services for encryption and signing, securing ASP.NET web applications using forms authentication and validation controls, and securing ASP.NET web services using message-level security standards. The document also includes demonstrations of implementing these various security techniques in .NET applications and web services.
Collecting Symantec Code Signing Certificate - CodeSigningStore
Follow this to easily navigate the collection or, “pick-up” process after issuance and learn how to, export the certificate from your browser.
Exploiting XPC in AntiVirus
In this talk we will publish our research we conducted on 28 different AntiVirus products on macOS through 2020. Our focus was to assess the XPC services these products expose and if they presented any security vulnerabilities. We will talk about the typical issues, and demonstrate plenty of vulnerabilities, which typically led to full control of the given product or local privilege escalation on the system. At the end we will give advice to developers how to write secure XPC services.
Hacking_PPT
This document provides information about various hacking techniques such as:
1. Using virtual operating systems and VMware Workstation software to discover system vulnerabilities.
2. Methods for accessing restricted folders using CACLS commands and changing access control lists.
3. Techniques for hiding files like hiding text in images using the COPY command and hiding disk volumes using DISKPART commands.
4. Details on phishing, keyloggers, SQL injection attacks, creating fake emails, and viewing live CCTV footage through Google searches.
Dos and Don'ts of Android Application Security (Security Professional Perspec...
Besides of strong Andorid Security model, android application is still unsecure. There exist lost of vulnerabilities in android application due to lack of secure coding and lack of proper secuity knowledge.
Hacking
Ethical hacking is a methodology adopted by ethical hackers to discover vulnerabilities existing in information systems' operating environments through three main steps: using virtual operating systems, storing passwords in hashed format in the SAM file located in the Windows system directory, and employing various techniques like backdoors, sticky keys, and modifying access control lists.
GameMaker - Publishing to Windows 8
This document provides steps for publishing a GameMaker game to the Windows 8 store:
1. Set up the development environment with Visual Studio 2012 and a Windows 8 export license.
2. Create a Windows 8 project in Visual Studio and associate it with an app name reserved in the Windows Store.
3. Configure the GameMaker project with information from the Visual Studio project like the display name and package name. Import the certificate file generated during the Visual Studio build process.
4. Build and test the game package using the Windows App Certification Kit (WACK) before publishing.
Similar to Creating a keystore for plugin signing the easy way (20)
Managing Websphere Application Server certificates
Managing Websphere Application Server certificates
GUIDE ON INSTALLING SSL CERTIFICATE ON IBM HTTP SERVER
GUIDE ON INSTALLING SSL CERTIFICATE ON IBM HTTP SERVER
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates - Puppet Camps Cent...
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
Implementing Certificate Based Authentication for HCL Traveler Access - Enga...
Implementing Certificate Based Authentication for HCL Traveler Access - Enga...
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
DEF CON 27 - ALVARO MUNOZ / OLEKSANDR MIROSH - sso wars the token menace
Implementing application security using the .net framework
Implementing application security using the .net framework
Collecting Symantec Code Signing Certificate - CodeSigningStore
Collecting Symantec Code Signing Certificate - CodeSigningStore
Dos and Don'ts of Android Application Security (Security Professional Perspec...
Dos and Don'ts of Android Application Security (Security Professional Perspec...
More from Mikkel Flindt Heisterberg
An Introduction to Lightning Web Components
An introduction to Salesforce Lightning Web Components and transition from Lightning Aura Components. The deck shows the why, when and how.
BP205: There’s an API for that! Why and how to build on the IBM Connections P...
BP205: There’s an API for that! Why and how to build on the IBM Connections P...Mikkel Flindt Heisterberg
The document discusses IBM Connections and its application programming interfaces (APIs). It provides an overview of IBM Connections as a platform and describes its various APIs, which are based on the Atom standard. It also covers widgets/iWidgets for IBM Connections, developing for the activity stream, and the event service interface (SPI). The document aims to help developers understand and leverage the IBM Connections APIs and capabilities.OnTime Partner Webinar September 2011
The document summarizes a webinar about installing and deploying the OnTime Group Calendar plugin for Lotus Notes 2011. It includes an agenda that covers installing Java plugins for Lotus Notes, creating an update site and widget catalog databases, importing the update site, and configuring policies. The demo shows how to automate plugin installation using Eclipse preferences and security settings to run installations in the background without prompting for signatures.
Plug yourself in and your app will never be the same (2 hr editon)
This document provides an overview of plugin development for Lotus Notes, Domino and Sametime. It discusses the speaker's background in plugin development and the various capabilities and advantages of developing plugins. The agenda outlines topics like the Eclipse architecture, installing the Lotus Expeditor Toolkit, plugin basics, UI development using SWT and JFace, using jobs for threading, logging APIs, debugging, and deployment. Code examples are provided for many of these concepts.
Plug yourself in and your app will never be the same (2 hour edition)
This document provides an introduction and agenda for a seminar on plugin development for Lotus Notes, Domino and Sametime. It discusses what plugins are, why develop them, and provides an overview of the key Eclipse extension points and APIs that can be used to build plugins that extend the functionality of Lotus applications. The agenda includes topics like the Eclipse and Lotus Expeditor Toolkit, plugin basics, building UIs with SWT and JFace, threading with Jobs, logging, debugging and deployment.
Lotusphere Comes To You 2011
Presentation from Lotusphere Comes To You 2011 held in Copenhagen and Århus
Lotus Community Call - 22 March 2011
The document summarizes an IBM Lotus Community Call about creating plugins for Lotus Notes, Sametime, and Symphony. It introduces Tim Parsons and Mikkel Flindt Heisterberg who will be presenting. It describes the wiki created by an IBM team to document how to create plugins, provides links to access the wiki and sample code, and outlines the agenda which includes introductions, demos, and a Q&A.
More from Mikkel Flindt Heisterberg (7)
BP205: There’s an API for that! Why and how to build on the IBM Connections P...
BP205: There’s an API for that! Why and how to build on the IBM Connections P...
Plug yourself in and your app will never be the same (2 hr editon)
Plug yourself in and your app will never be the same (2 hr editon)
Plug yourself in and your app will never be the same (2 hour edition)
Plug yourself in and your app will never be the same (2 hour edition)
Recently uploaded
A Deep Dive into ScyllaDB's Architecture
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
AppSec PNW: Android and iOS Application Security with MobSF
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Dmitrii Kamaev, PhD
Senior Product Owner - QIAGEN
Must Know Postgres Extension for DBA and Developer during Migration
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
The Microsoft 365 Migration Tutorial For Beginner.pptx
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Mutation Testing for Task-Oriented Chatbots
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Introduction of Cybersecurity with OSS at Code Europe 2024
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Apps Break Data
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
"What does it really mean for your system to be available, or how to define w...
We will talk about system monitoring from a few different angles. We will start by covering the basics, then discuss SLOs, how to define them, and why understanding the business well is crucial for success in this exercise.
GNSS spoofing via SDR (Criptored Talks 2024)
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
What is an RPA CoE? Session 2 – CoE Roles
In this session, we will review the players involved in the CoE and how each role impacts opportunities.
Topics covered:
• What roles are essential?
• What place in the automation journey does each role play?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Demystifying Knowledge Management through Storytelling
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
From Natural Language to Structured Solr Queries using LLMs
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
ScyllaDB Tablets: Rethinking Replication
ScyllaDB is making a major architecture shift. We’re moving from vNode replication to tablets – fragments of tables that are distributed independently, enabling dynamic data distribution and extreme elasticity. In this keynote, ScyllaDB co-founder and CTO Avi Kivity explains the reason for this shift, provides a look at the implementation and roadmap, and shares how this shift benefits ScyllaDB users.
Recently uploaded (20)
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Poznań ACE event - 19.06.2024 Team 24 Wrapup slidedeck
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
Demystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through Storytelling
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
Creating a keystore for plugin signing the easy way
- 1. How to create a Java keystore for plugin signing the easy way Mikkel Flindt Heisterberg OnTime by IntraVision
- 2. Create the keystore • Use iKeyMan to create the keysore – <Notes>jvmbinikeyman.exe i.e. C:Notes8jvm binikeyman.exe • Create keystore of type JCEKS and specify a password for the keystore • Note the directory where you create the keystore
- 3. Create self-signed certificate • In ”Personal Certificates” click ”New Self- Signed...” and fill in the fields. • Make sure to adjust the validity perido of the certificate • Note the ”Key Label” you specify (here it’s ”signerkey”) • Exit iKeyman
- 4. Verify keystore • In a DOS prompt use the KeyTool from the JDK to verify the keystore – If you haven’t got a JDK installed use the one installed with Notes (<Notes>jvmbinkeytool.exe) • C:Notes8jvmbinkeytool.exe -keystore keystore.jck -storetype jceks -list -v
- 6. Export certificate • Now export the certificate that is the certificate to verify jar-file signatures – Again using the keytool as before – This creates mycert.der which is the file you import into Domino Directory • C:Notes8jvmbinkeytool.exe -keystore keystore.jck -storetype jceks –export –file mycert.der –alias signerkey
- 8. Import the certificate in Domino
- 9. Import the certificate in Domino
- 10. Import the certificate in Domino
- 11. Import the certificate in Domino
- 12. Trust • Next steps are to – Cross certify the imported internet certificate with your a Notes certifier – Use policies (Security settings) to broadcast the internet certificate and cross certification of the internet certificate to Notes clients – The option is on the ”Keys and Certificates” tab under ”Administrative Trust Defaults”
- 13. Sign jar-file using keystore • You sign jar-files using the jarsigner.exe tool from the JDK – Again you can use the one installed with the Notes JVM if need be • C:Notes8jvmbinjarsigner.exe -keystore keystore.jck -storetype jceks –signedjar signed.jar myfile.jar signerkey
- 14. Sign jar-file using keystore