List of Various OpenSSL Commands and KeyTool that are used to check/generate CSR, Self Sign Certificate, Private key, convert CSR, convert certificate, etc...
In 40 minutes the audience will learn a variety of ways to make postgresql database suddenly go out of memory on a box with half a terabyte of RAM.
Developer's and DBA's best practices for preventing this will also be discussed, as well as a bit of Postgres and Linux memory management internals.
Evening out the uneven: dealing with skew in FlinkFlink Forward
Flink Forward San Francisco 2022.
When running Flink jobs, skew is a common problem that results in wasted resources and limited scalability. In the past years, we have helped our customers and users solve various skew-related issues in their Flink jobs or clusters. In this talk, we will present the different types of skew that users often run into: data skew, key skew, event time skew, state skew, and scheduling skew, and discuss solutions for each of them. We hope this will serve as a guideline to help you reduce skew in your Flink environment.
by
Jun Qin & Karl Friedrich
This talk will be about managing DB scripts in our projects, from how to choose file structure to how easily manage them with large development team and run on different environments. We will look deep in the most popular tool for DB script migrations – Liquibase. How to write reliable scripts for Liquibase? How to run them everywhere? How to integrate them with Maven or Spring Boot? Answers for all these questions will be in this talk.
Deep Dive on ClickHouse Sharding and Replication-2202-09-22.pdfAltinity Ltd
Join the Altinity experts as we dig into ClickHouse sharding and replication, showing how they enable clusters that deliver fast queries over petabytes of data. We’ll start with basic definitions of each, then move to practical issues. This includes the setup of shards and replicas, defining schema, choosing sharding keys, loading data, and writing distributed queries. We’ll finish up with tips on performance optimization.
#ClickHouse #datasets #ClickHouseTutorial #opensource #ClickHouseCommunity #Altinity
-----------------
Join ClickHouse Meetups: https://www.meetup.com/San-Francisco-...
Check out more ClickHouse resources: https://altinity.com/resources/
Visit the Altinity Documentation site: https://docs.altinity.com/
Contribute to ClickHouse Knowledge Base: https://kb.altinity.com/
Join the ClickHouse Reddit community: https://www.reddit.com/r/Clickhouse/
----------------
Learn more about Altinity!
Site: https://www.altinity.com
LinkedIn: https://www.linkedin.com/company/alti...
Twitter: https://twitter.com/AltinityDB
Clickhouse Capacity Planning for OLAP Workloads, Mik Kocikowski of CloudFlareAltinity Ltd
Presented on December ClickHouse Meetup. Dec 3, 2019
Concrete findings and "best practices" from building a cluster sized for 150 analytic queries per second on 100TB of http logs. Topics covered: hardware, clients (http vs native), partitioning, indexing, SELECT vs INSERT performance, replication, sharding, quotas, and benchmarking.
In 40 minutes the audience will learn a variety of ways to make postgresql database suddenly go out of memory on a box with half a terabyte of RAM.
Developer's and DBA's best practices for preventing this will also be discussed, as well as a bit of Postgres and Linux memory management internals.
Evening out the uneven: dealing with skew in FlinkFlink Forward
Flink Forward San Francisco 2022.
When running Flink jobs, skew is a common problem that results in wasted resources and limited scalability. In the past years, we have helped our customers and users solve various skew-related issues in their Flink jobs or clusters. In this talk, we will present the different types of skew that users often run into: data skew, key skew, event time skew, state skew, and scheduling skew, and discuss solutions for each of them. We hope this will serve as a guideline to help you reduce skew in your Flink environment.
by
Jun Qin & Karl Friedrich
This talk will be about managing DB scripts in our projects, from how to choose file structure to how easily manage them with large development team and run on different environments. We will look deep in the most popular tool for DB script migrations – Liquibase. How to write reliable scripts for Liquibase? How to run them everywhere? How to integrate them with Maven or Spring Boot? Answers for all these questions will be in this talk.
Deep Dive on ClickHouse Sharding and Replication-2202-09-22.pdfAltinity Ltd
Join the Altinity experts as we dig into ClickHouse sharding and replication, showing how they enable clusters that deliver fast queries over petabytes of data. We’ll start with basic definitions of each, then move to practical issues. This includes the setup of shards and replicas, defining schema, choosing sharding keys, loading data, and writing distributed queries. We’ll finish up with tips on performance optimization.
#ClickHouse #datasets #ClickHouseTutorial #opensource #ClickHouseCommunity #Altinity
-----------------
Join ClickHouse Meetups: https://www.meetup.com/San-Francisco-...
Check out more ClickHouse resources: https://altinity.com/resources/
Visit the Altinity Documentation site: https://docs.altinity.com/
Contribute to ClickHouse Knowledge Base: https://kb.altinity.com/
Join the ClickHouse Reddit community: https://www.reddit.com/r/Clickhouse/
----------------
Learn more about Altinity!
Site: https://www.altinity.com
LinkedIn: https://www.linkedin.com/company/alti...
Twitter: https://twitter.com/AltinityDB
Clickhouse Capacity Planning for OLAP Workloads, Mik Kocikowski of CloudFlareAltinity Ltd
Presented on December ClickHouse Meetup. Dec 3, 2019
Concrete findings and "best practices" from building a cluster sized for 150 analytic queries per second on 100TB of http logs. Topics covered: hardware, clients (http vs native), partitioning, indexing, SELECT vs INSERT performance, replication, sharding, quotas, and benchmarking.
Galera cluster for MySQL - Introduction SlidesSeveralnines
This set of slides gives you an overview of Galera, configuration basics and deployment best practices.
The following topics are covered:
- Concepts
- Node provisioning
- Network partitioning
- Configuration example
- Benchmarks
- Deployment best practices
- Galera monitoring and management
Get Your Insecure PostgreSQL Passwords to SCRAMJonathan Katz
Passwords: they just seem to work. You connect to your PostgreSQL database and you are prompted for your password. You type in the correct character combination, and presto! you're in, safe and sound.
But what if I told you that all was not as it seemed. What if I told you there was a better, safer way to use passwords with PostgreSQL? What if I told you it was imperative that you upgraded, too?
PostgreSQL 10 introduced SCRAM (Salted Challenge Response Authentication Mechanism), introduced in RFC 5802, as a way to securely authenticate passwords. The SCRAM algorithm lets a client and server validate a password without ever sending the password, whether plaintext or a hashed form of it, to each other, using a series of cryptographic methods.
In this talk, we will look at:
* A history of the evolution of password storage and authentication in PostgreSQL
* How SCRAM works with a step-by-step deep dive into the algorithm (and convince you why you need to upgrade!)
* SCRAM channel binding, which helps prevent MITM attacks during authentication
* How to safely set and modify your passwords, as well as how to upgrade to SCRAM-SHA-256 (which we will do live!)
all of which will be explained by some adorable elephants and hippos!
At the end of this talk, you will understand how SCRAM works, how to ensure your PostgreSQL drivers supports it, how to upgrade your passwords to using SCRAM-SHA-256, and why you want to tell other PostgreSQL password mechanisms to SCRAM!
PostgreSQL is a very popular and feature-rich DBMS. At the same time, PostgreSQL has a set of annoying wicked problems, which haven't been resolved in decades. Miraculously, with just a small patch to PostgreSQL core extending this API, it appears possible to solve wicked PostgreSQL problems in a new engine made within an extension.
Deploying any software can be a challenge if you don't understand how resources are used or how to plan for the capacity of your systems. Whether you need to deploy or grow a single MongoDB instance, replica set, or tens of sharded clusters then you probably share the same challenges in trying to size that deployment.
This webinar will cover what resources MongoDB uses, and how to plan for their use in your deployment. Topics covered will include understanding how to model and plan capacity needs for new and growing deployments. The goal of this webinar will be to provide you with the tools needed to be successful in managing your MongoDB capacity planning tasks.
Inexpensive Datamasking for MySQL with ProxySQL — Data Anonymization for Deve...Ontico
HighLoad++ 2017
Зал «Кейптаун», 8 ноября, 16:00
Тезисы:
http://www.highload.ru/2017/abstracts/3115.html
During this session we will cover the last development in ProxySQL to support regular expressions (RE2 and PCRE) and how we can use this strong technique in correlation with ProxySQL's query rules to anonymize live data quickly and transparently. We will explain the mechanism and how to generate these rules quickly. We show live demo with all challenges we got from the Community and we finish the session by an interactive brainstorm testing queries from the audience.
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesAltinity Ltd
Slides for the Webinar, presented on March 6, 2019
For the webinar video visit https://www.altinity.com/
Extracting business insight from massive pools of machine-generated data is the central analytic problem of the digital era. ClickHouse data warehouse addresses it with sub-second SQL query response on petabyte-scale data sets. In this talk we'll discuss the features that make ClickHouse increasingly popular, show you how to install it, and teach you enough about how ClickHouse works so you can try it out on real problems of your own. We'll have cool demos (of course) and gladly answer your questions at the end.
Speaker Bio:
Robert Hodges is CEO of Altinity, which offers enterprise support for ClickHouse. He has over three decades of experience in data management spanning 20 different DBMS types. ClickHouse is his current favorite. ;)
SQL Server High Availability Solutions (Pros & Cons)Hamid J. Fard
Proper SQL Server High Availability Solution Is Highly Depends on the Business Objective and IT Operation Objectives. It Happens Sometimes that We Might Have Few Solutions on the Table to Implement.
We always say Galera replication is synchronous, but is it really? Always? For every step? What are the caveats of such replication? What does virtual-synchronous mean?
In this talk, I'll discuss what certification and group communication are, and how they're performed. I'll also cover the difference between MySQL 5.6 GTID and Galera GTID. The goal of this presentation is to explain how a transaction is replicated using Galera.
After this presentation, the audience should be comfortable with terms like "brute force abort," "flow control," "local certification failure," etc.
The plan is to demystify Galera technology with easy illustrations and analogies.
Seven Habits of Highly Effective Jenkins Users (2014 edition!)Andrew Bayer
What plugins, tools and behaviors can help you get the most out of your Jenkins setup without all of the pain? We'll find out as we go over a set of Jenkins power tools, habits and best practices that will help with any Jenkins setup.
We will show how Galera Cluster executes DDLs in a safe, consistent manner across all the nodes in the cluster, and the differences with stand-alone MySQL. We will discuss how to prepare for and successfully carry out a schema upgrade and the considerations that need to be taken into account during the process.
WebLogic in Practice: SSL ConfigurationSimon Haslam
This presentation describes SSL certificate concepts and how to configure them within WebLogic. It was delivered by myself and Jacco Landlust (@oraclemva) at the UKOUG Tech13 conference.
Galera cluster for MySQL - Introduction SlidesSeveralnines
This set of slides gives you an overview of Galera, configuration basics and deployment best practices.
The following topics are covered:
- Concepts
- Node provisioning
- Network partitioning
- Configuration example
- Benchmarks
- Deployment best practices
- Galera monitoring and management
Get Your Insecure PostgreSQL Passwords to SCRAMJonathan Katz
Passwords: they just seem to work. You connect to your PostgreSQL database and you are prompted for your password. You type in the correct character combination, and presto! you're in, safe and sound.
But what if I told you that all was not as it seemed. What if I told you there was a better, safer way to use passwords with PostgreSQL? What if I told you it was imperative that you upgraded, too?
PostgreSQL 10 introduced SCRAM (Salted Challenge Response Authentication Mechanism), introduced in RFC 5802, as a way to securely authenticate passwords. The SCRAM algorithm lets a client and server validate a password without ever sending the password, whether plaintext or a hashed form of it, to each other, using a series of cryptographic methods.
In this talk, we will look at:
* A history of the evolution of password storage and authentication in PostgreSQL
* How SCRAM works with a step-by-step deep dive into the algorithm (and convince you why you need to upgrade!)
* SCRAM channel binding, which helps prevent MITM attacks during authentication
* How to safely set and modify your passwords, as well as how to upgrade to SCRAM-SHA-256 (which we will do live!)
all of which will be explained by some adorable elephants and hippos!
At the end of this talk, you will understand how SCRAM works, how to ensure your PostgreSQL drivers supports it, how to upgrade your passwords to using SCRAM-SHA-256, and why you want to tell other PostgreSQL password mechanisms to SCRAM!
PostgreSQL is a very popular and feature-rich DBMS. At the same time, PostgreSQL has a set of annoying wicked problems, which haven't been resolved in decades. Miraculously, with just a small patch to PostgreSQL core extending this API, it appears possible to solve wicked PostgreSQL problems in a new engine made within an extension.
Deploying any software can be a challenge if you don't understand how resources are used or how to plan for the capacity of your systems. Whether you need to deploy or grow a single MongoDB instance, replica set, or tens of sharded clusters then you probably share the same challenges in trying to size that deployment.
This webinar will cover what resources MongoDB uses, and how to plan for their use in your deployment. Topics covered will include understanding how to model and plan capacity needs for new and growing deployments. The goal of this webinar will be to provide you with the tools needed to be successful in managing your MongoDB capacity planning tasks.
Inexpensive Datamasking for MySQL with ProxySQL — Data Anonymization for Deve...Ontico
HighLoad++ 2017
Зал «Кейптаун», 8 ноября, 16:00
Тезисы:
http://www.highload.ru/2017/abstracts/3115.html
During this session we will cover the last development in ProxySQL to support regular expressions (RE2 and PCRE) and how we can use this strong technique in correlation with ProxySQL's query rules to anonymize live data quickly and transparently. We will explain the mechanism and how to generate these rules quickly. We show live demo with all challenges we got from the Community and we finish the session by an interactive brainstorm testing queries from the audience.
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesAltinity Ltd
Slides for the Webinar, presented on March 6, 2019
For the webinar video visit https://www.altinity.com/
Extracting business insight from massive pools of machine-generated data is the central analytic problem of the digital era. ClickHouse data warehouse addresses it with sub-second SQL query response on petabyte-scale data sets. In this talk we'll discuss the features that make ClickHouse increasingly popular, show you how to install it, and teach you enough about how ClickHouse works so you can try it out on real problems of your own. We'll have cool demos (of course) and gladly answer your questions at the end.
Speaker Bio:
Robert Hodges is CEO of Altinity, which offers enterprise support for ClickHouse. He has over three decades of experience in data management spanning 20 different DBMS types. ClickHouse is his current favorite. ;)
SQL Server High Availability Solutions (Pros & Cons)Hamid J. Fard
Proper SQL Server High Availability Solution Is Highly Depends on the Business Objective and IT Operation Objectives. It Happens Sometimes that We Might Have Few Solutions on the Table to Implement.
We always say Galera replication is synchronous, but is it really? Always? For every step? What are the caveats of such replication? What does virtual-synchronous mean?
In this talk, I'll discuss what certification and group communication are, and how they're performed. I'll also cover the difference between MySQL 5.6 GTID and Galera GTID. The goal of this presentation is to explain how a transaction is replicated using Galera.
After this presentation, the audience should be comfortable with terms like "brute force abort," "flow control," "local certification failure," etc.
The plan is to demystify Galera technology with easy illustrations and analogies.
Seven Habits of Highly Effective Jenkins Users (2014 edition!)Andrew Bayer
What plugins, tools and behaviors can help you get the most out of your Jenkins setup without all of the pain? We'll find out as we go over a set of Jenkins power tools, habits and best practices that will help with any Jenkins setup.
We will show how Galera Cluster executes DDLs in a safe, consistent manner across all the nodes in the cluster, and the differences with stand-alone MySQL. We will discuss how to prepare for and successfully carry out a schema upgrade and the considerations that need to be taken into account during the process.
WebLogic in Practice: SSL ConfigurationSimon Haslam
This presentation describes SSL certificate concepts and how to configure them within WebLogic. It was delivered by myself and Jacco Landlust (@oraclemva) at the UKOUG Tech13 conference.
SSL Implementation - IBM MQ - Secure Communications nishchal29
Presenting the basics of SSL/TLS , usage of SSL protocol to secure the IBM MQ channels. Secure Communications between two Queue Managers and various test cases , between an application and Queue Manager , Errors , Certificate Renewal ..
The Java Keytool is a command-line utility used for managing keystores containing cryptographic keys, X.509 certificates, and other artifacts needed for secure communication and authentication. With the Keytool, users can generate certificate requests and certificate chains, view keys and certificates stored in a keystore, create or delete entries from a keystore, change the password for an entry in a keystore, or make changes to existing entries in a keystore. This powerful tool can also be used to convert between different keystore formats.
Seattle C* Meetup: Hardening cassandra for compliance or paranoiazznate
Details how to secure Apache Cassandra clusters. Covers client to server and server to server encryption, securing management and tooling, using authentication and authorization, as well as options for encryption at rest.
The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers.
Most certificates in common use are based on the X.509 v3 certificate standard. First I open the shell with the openssl.exe and MS SDK tools.
Hardening cassandra for compliance or paranoiazznate
How to secure a cassandra cluster. Includes details on configuring SSL, setting up a certificate authority and creating certificates and trust chains for the JVM.
The Last Pickle: Hardening Apache Cassandra for Compliance (or Paranoia).DataStax Academy
Security is always at odds with usability, particularly in the context of operations and development. More so when dealing with a distributed system such as Apache Cassandra. In this presentation, we'll walk through the steps required to completely secure a Cassandra cluster to meet most regulatory and compliance guidelines.
Topics will include:
- Encrypting cross-DC traffic
- Different types of at-rest disk encryption options available (and how to tune them)
- Configuring SSL for inter-cluster communication
- Configuring SSL between clients and the API
- Configuring and managing client authentication
Attendees will leave this presentation with the knowledge required to harden Cassandra to meet most guidelines imposed by regulations and compliance.
SSL, more strictly called Transport Layer Security (TLS), is a means to encrypt data that is in flight between software components, whether within your data center or between that and your end users' devices. This prevents eavesdroppers seeing confidential information, such as credit card numbers or database passwords, and ensures that components are communicating with who they they think they are. So why isn't SSL/TLS used for all electronic communications? Firstly it is, almost by definition, "slightly tricky" to configure and errors are not terribly informative when things don't work (why would you help a hacker?!). Secondly there is a performance overhead for running TLS, although with modern hardware this is probably less of a concern than it used to be.
This session describes how to configure TLS at all layers within a Fusion Middleware stack - from the front-end Oracle HTTP Server, right through to communications with the database.
This platform was first given by Simon Haslam (eProseed UK) and Jacco Landlust (ING) at the OGh Fusion Middleware Experience event in February 2016.
Training Slides: 302 - Securing Your Cluster With SSLContinuent
Watch this 41min training session on how to secure your Tungsten Cluster with SSL, looking at internal cluster communications as well as how to deploy SSL for the Tungsten Connector. It all starts off with some background information on what SSL is all about.
TOPICS COVERED
- What is SSL?
- Deploying SSL for Cluster communications
- Deploying SSL for Tungsten Connector
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
Learn what is Asymmetric Encryption and how asymmetric encryption works with examples. Also, demystify the difference between asymmetric vs symmetric encryption.
TLS 1.3: Everything You Need to Know - CheapSSLsecurityCheapSSLsecurity
TLS 1.3 has been passed as a web standard by IETF and it comes with significant advancements. Learn how it could make our virtual world safer and faster.
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorCheapSSLsecurity
ERR_SSL_VERSION_OR_CIPHER_MISMATCH is one of the most commonly encountered errors when it comes to web browsing. If your site is facing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, we’ve got the solutions. Get rid of the error in minutes, we’re not even kidding!
Apache Server: Common SSL Errors and Troubleshooting GuideCheapSSLsecurity
Have an Apache server? Facing an SSL related problem? Don’t worry, as we bring you the Apache SSL Errors and Troubleshooting Guide that will help you solve every SSL problem within minutes, without any hassle.
Multi Domain Wildcard Features explained by CheapSSLsecurityCheapSSLsecurity
Multi Domain Wildcard SSL certificate explained in detail by CheapSSLsecurity, understand its premium features, benefits, certificate authority types, etc.
What is Certificate Transparency (CT)? How does it work?CheapSSLsecurity
Certificate Transparency is Google’s initiative to make SSL certificate issuance process more transparent and minimize damages due to mis-issuance. Learn how it works.
Let’s understand about the “2017 Norton Cyber Security Insights Report”, the main topics of this reports are Cybercrime by the Numbers, Portrait of a Cybercrime Victim, Consumers’ Contradicting Beliefs, and State of Consumers’ Trust.
2017 was the year for Cyber Criminals, Multiple Cyber attacks, data breaches, and vulnerabilities. Let us understand the Cybersecurity Threats for 2018.
Is your business PCI DSS compliant? You’re digging your own grave if notCheapSSLsecurity
According to the latest report by Verizon, every organization that suffered from a data breach during 2010 to 2016 wasn’t fully PCI DSS compliant. Is yours?
Symantec (ISTR) Internet Security Threat Report Volume 22CheapSSLsecurity
Symantec’s Internet Security Threat Report (ISTR) demonstrates how simple tactics and innovative cyber criminals led to unprecedented outcomes in global threat activity.
Understanding SSL Certificate for Apps by SymantecCheapSSLsecurity
All the vital knowledge on the importance of SSL certificate for App security, how chain building works during SSL handshake and pro tips to build a Certificate chain.
Learn everything about Thawte Wildcard SSL Certificate including its features and benefits. Understand how Thawte Wildcard SSL certificate is important for a Business.
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingCheapSSLsecurity
Google Chrome and Firefox and blacklisting Non-HTTP website which asks for Login Credentials, Understand to Shift to HTTPS shield against browser challenges.
Microsoft Exchange Server & SSL Certificates: Everything you need to knowCheapSSLsecurity
Require the best SSL Certificate for your Microsoft Exchange Server? here is the best guide each user should learn about SSL Certificate & Exchange Server.
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityCheapSSLsecurity
Learn what is Comodo Multi Domain SSL certificate, how it works, understand its key features along with the encryption process of protecting multiple domains under a single certificate.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
Car Accident Injury Do I Have a Case....Knowyourright
Every year, thousands of Minnesotans are injured in car accidents. These injuries can be severe – even life-changing. Under Minnesota law, you can pursue compensation through a personal injury lawsuit.
How to Obtain Permanent Residency in the NetherlandsBridgeWest.eu
You can rely on our assistance if you are ready to apply for permanent residency. Find out more at: https://immigration-netherlands.com/obtain-a-permanent-residence-permit-in-the-netherlands/.
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxanvithaav
These slides helps the student of international law to understand what is the nature of international law? and how international law was originated and developed?.
The slides was well structured along with the highlighted points for better understanding .
WINDING UP of COMPANY, Modes of DissolutionKHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
Introducing New Government Regulation on Toll Road.pdfAHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more out insights about this topic in our Legal Brief publication.
2. Understanding the OpenSSL
Open SSL is normally used to generate a Certificate
Signing Request (CSR) and private key for different
platforms.
OpenSSL is an open-source implementation of
SSL/TLS protocols and is considered to be one of
the most versatile SSL tools. It’s a library written in
C programming language that implements the
basic cryptographic functions. OpenSSL has
different versions for most Unix-like operating
systems, which include Mac OC X, Linux, and
Microsoft Windows etc.
3. Functions of OpenSSL
» View details about a CSR or a certificate
» Compare MD5 hash of a certificate and private key to ensure they match
» Verify proper installation of the certificate on a website
» Convert the certificate format
4. Most of the functions mentioned in this slide can also be
performed without involving OpenSSL by using these
convenient SSL Tools.
In this Slide Document, we have put together few of the
most common OpenSSL commands.
5. General OpenSSL Commands
These are the set of commands that allow the users to generate CSRs, Certificates, Private Keys and many other
miscellaneous tasks. Here, we have listed few such commands:
1.
6. “Purpose: Generate a Certificate Signing Request (CSR) and
new private key
OpenSSL Command:
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
8. “
Purpose: Create CSR based on an existing private key
OpenSSL Command:
openssl req -out CSR.csr -key privateKey.key –new
9. “
Purpose: Create CSR based on an existing certificate
OpenSSL Command:
openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key
10. “
Purpose: Passphrase removal from a private key
OpenSSL Command:
openssl rsa -in privateKey.pem -out newPrivateKey.pem
11. SSL Check Commands
These commands are very helpful if the user wants to check the information within an SSL certificate, a Private
Key, and CSR. Few online tools can also help you check CSRs and check SSL certificates.
2.
16. Convert Commands
As per the title, these commands help convert the certificates and keys into different formats to impart them the
compatibility with specific servers types. For example, a PEM file, compatible with Apache server, can be
converted to PFX (PKCS#12), after which it would be possible for it to work with Tomcat or IIS.
However, you can also use the SSL Converter to change the format, without having to involve OpenSSL.
3.
17. “
Purpose: Convert DER Files (.crt, .cer, .der) to PEM
OpenSSL Command:
openssl x509 -inform der -in certificate.cer -out certificate.pem
18. “
Purpose: Convert PEM to DER
OpenSSL Command:
openssl x509 -outform der -in certificate.pem -out certificate.der
19. “Purpose: Convert PKCS #12 File (.pfx, .p12) Containing a
Private Key and Certificate to PEM
OpenSSL Command:
openssl pkcs12 -in keyStore.pfx -out keyStore.pem –nodes
Note: To output only the private key, users can add –nocerts or –nokeys to output only the certificates.
20. “Purpose: Convert PEM Certificate (File and a Private Key) to
PKCS # 12 (.pfx #12)
OpenSSL Command:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile
CACert.crt
21. Debugging Using OpenSSL Commands
If there are error messages popping up about your private key not matching the certificate or that the newly-
installed certificate is not trusted, you can rely on one of the comments mentioned below.
You can also use the SSL certificate checker tool for verifying the correct installation of an SSL certificate.
4.
22. 1. Check SSL Connection (All certificates, including Intermediates, are to be displayed)
Here, all the certificates should be displayed, including the Intermediates as well.
openssl s_client -connect www.paypal.com:443
23. 2. Check MD5 Hash of Public Key
This is to ensure that the public key matches with the CSR or the private key.
openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privateKey.key | openssl md5
openssl req -noout -modulus -in CSR.csr | openssl md5
25. Every certificate in Java Keystore has a unique
pseudonym/alias. For creating a ‘Java Keystore’, you
need to first create the .jks file containing only the
private key in the beginning. After that, you need to
generate a Certificate Signing Request (CSR) and
generate a certificate from it. After this, import the
certificate to the Keystore including any root
certificates
The ‘Java Keytool’ basically contains several other
functions that help the users export a certificate or to
view the certificate details or the list of certificates in
Keystore.
Java Keytool is a key and certificate management utility
that allows the users to cache the certificate and
manage their own private or public key pairs and
certificates. Java Keytool stores all the keys and
certificates in a ‘KeyStore’, which is, by default,
implemented as a file. It contains private keys and
certificates that are essential for establishing the
reliability of the primary certificate and completing a
chain of trust.
26. Here are the SSL Keytool
For Checking
For Creating and
Importing
Other Java
Keytool
Commands
26
27. For Creating and Importing
These Keytool commands allow users to create a new Java Keytool Keystore, generate a Certificate Signing
Request (CSR) and import certificates. Before you import the primary certificate for your domain, you need to first
import any root or intermediate certificates.
1.
28. “Purpose: Import a root or intermediate CA certificate to an
existing Java keystore
OpenSSL Command:
keytool -import -trustcacerts -alias root -file Thawte.crt -keystore keystore.jks
29. “Purpose: Import a signed primary certificate to an existing
Java keystore
OpenSSL Command:
keytool -import -trustcacerts -alias mydomain -file mydomain.crt -keystore keystore.jks
41. “
Purpose: List the trusted CA Certificate
OpenSSL Command:
keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts
42. “
Purpose: Import new CA into Trusted Certs
OpenSSL Command:
keytool -import -trustcacerts -file /path/to/ca/ca.pem -alias CA_ALIAS -keystore
$JAVA_HOME/jre/lib/security/cacerts
43. Thanks for Reading
Any questions? You can find us at.
» https://cheapsslsecurity.com/blog/
» https://twitter.com/sslsecurity
» https://www.facebook.com/CheapSSLSecurities
» https://plus.google.com/+Cheapsslsecurity
44. SlidesCarnival icons are editable shapes.
This means that you can:
● Resize them without losing quality.
● Change fill color and opacity.
● Change line color, width and style.
Isn’t that nice? :)
Examples:
44
45. Now you can use any emoji as an icon!
And of course it resizes without losing quality and you can change the color.
How? Follow Google instructions
https://twitter.com/googledocs/status/730087240156643328
✋👆👉👍👤👦👧👨👩👪💃🏃💑❤😂
😉😋😒😭👶😸🐟🍒🍔💣📌📖🔨🎃🎈
🎨🏈🏰🌏🔌🔑and many more...
😉
45