www.reisinger.ws
Open in
urlscan Pro
2001:1520:a:ec::
Public Scan
Submitted URL: https://reisinger.ws.mcas.ms/
Effective URL: https://www.reisinger.ws/
Submission: On October 10 via api from US — Scanned from US
Effective URL: https://www.reisinger.ws/
Submission: On October 10 via api from US — Scanned from US
Form analysis 1 forms found in the DOM
GET https://www.reisinger.ws/
<form method="get" class="search-form navigation-search" action="https://www.reisinger.ws/">
<input type="search" class="search-field" value="" name="s" title="Suchen">
</form>Text Content
Zum Inhalt springen
HARRY'S BLOG
Programming and nerding …
Menü
* Home
* Programmieren
* Administration
* Powershell
* LotusScript
* Privacy Policy
*
FANCY KEY- AND TRUSTSTORES IN HCL DOMINO
10.10.22 von Harald
Have you ever tried, to access HTTPS Resources outside with Java (in Agents or
xPages) in HCL-Domino. Of course you can add your certificates to the
cacerts-file within the Domino JVM. But with the next update it maybe will be
gone for good, because the installer decided to replace it with his own.
But you can use some fancy Java-Tricks and create your own truststores and
keystores and use them in your Java-Code.
The key Item here is the javax.net.ssl.SSLSocketFactory. Create an instace of
this and pass it to your
HttpsURLConnection
HttpsURLConnection.
First, you need am Method, which creates a javax.net.ssl.SSLSocketFactory:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
/**
* Create an Instacce of javax.net.ssl.SSLSocketFactory with a given keystore and
trusstore
*
* @param trustFileInputStream a InputStream to a Java-Keystore File containing
the trusted certifcates
* @param tustPassword the passwort for the Truststore File
* @param keyFileInputStream a InputStream to a Java-Keystore-File containing the
client-certificate
* @param keyPassword the passwort for hte Keystore-File
*
* @return a javax.net.ssl.SSLSocketFactory Instance configured with the provided
key- and truststore.
*
*/
public static SSLSocketFactory getFactory(InputStream trustFileInputStream,
String trustPassword, InputStream keyFileInputStream, String keyPassword)
throws Exception {
// the keystore holds my ClientCertificates, it is only needed if you need
Client-Certificate authentication
// I choose the PKCS12 File-Format (private key protected with a passphrase)
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(keyFileInputStream, keyPassword.toCharArray());
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyPassword.toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
// the truststore holds all the certificates you want to trust, i.e. the
certifcate from the lets-encrypt-ca
// I choose the JKS [JavaKeyStore] Format, the same formate as the famous
cacerts-File
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(trustFileInputStream, trustPassword.toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
// please do not use any TLS-Version below 1.2, if possible use 1.3 :)
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
return sslContext.getSocketFactory();
}
/** * Create an Instacce of javax.net.ssl.SSLSocketFactory with a given keystore
and trusstore * * @param trustFileInputStream a InputStream to a Java-Keystore
File containing the trusted certifcates * @param tustPassword the passwort for
the Truststore File * @param keyFileInputStream a InputStream to a
Java-Keystore-File containing the client-certificate * @param keyPassword the
passwort for hte Keystore-File * * @return a javax.net.ssl.SSLSocketFactory
Instance configured with the provided key- and truststore. * */ public static
SSLSocketFactory getFactory(InputStream trustFileInputStream, String
trustPassword, InputStream keyFileInputStream, String keyPassword) throws
Exception { // the keystore holds my ClientCertificates, it is only needed if
you need Client-Certificate authentication // I choose the PKCS12 File-Format
(private key protected with a passphrase) KeyStore keyStore =
KeyStore.getInstance("PKCS12"); keyStore.load(keyFileInputStream,
keyPassword.toCharArray()); KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyPassword.toCharArray()); KeyManager[]
keyManagers = keyManagerFactory.getKeyManagers(); // the truststore holds all
the certificates you want to trust, i.e. the certifcate from the lets-encrypt-ca
// I choose the JKS [JavaKeyStore] Format, the same formate as the famous
cacerts-File KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(trustFileInputStream, trustPassword.toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore); TrustManager[] trustManagers =
trustManagerFactory.getTrustManagers(); // please do not use any TLS-Version
below 1.2, if possible use 1.3 :) SSLContext sslContext =
SSLContext.getInstance("TLSv1.2"); sslContext.init(keyManagers, trustManagers,
new SecureRandom()); return sslContext.getSocketFactory(); }
/**
* Create an Instacce of javax.net.ssl.SSLSocketFactory with a given keystore and trusstore
*
* @param trustFileInputStream a InputStream to a Java-Keystore File containing the trusted certifcates
* @param tustPassword the passwort for the Truststore File
* @param keyFileInputStream a InputStream to a Java-Keystore-File containing the client-certificate
* @param keyPassword the passwort for hte Keystore-File
*
* @return a javax.net.ssl.SSLSocketFactory Instance configured with the provided key- and truststore.
*
*/
public static SSLSocketFactory getFactory(InputStream trustFileInputStream, String trustPassword, InputStream keyFileInputStream, String keyPassword)
throws Exception {
// the keystore holds my ClientCertificates, it is only needed if you need Client-Certificate authentication
// I choose the PKCS12 File-Format (private key protected with a passphrase)
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(keyFileInputStream, keyPassword.toCharArray());
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, keyPassword.toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
// the truststore holds all the certificates you want to trust, i.e. the certifcate from the lets-encrypt-ca
// I choose the JKS [JavaKeyStore] Format, the same formate as the famous cacerts-File
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(trustFileInputStream, trustPassword.toCharArray());
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
// please do not use any TLS-Version below 1.2, if possible use 1.3 :)
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(keyManagers, trustManagers, new SecureRandom());
return sslContext.getSocketFactory();
}
Then some code to put the SSLSocketFactory into use. I hope you are familiar
with HCL-Domino Java programming, there are some things you will need to now.
At first I get some attachments holding the files needed (ClientCertificate and
TrustStore) and the passwords for them. All these things are stored in a Notes
Document and are finally passed to the method from above.
Then we create an javax.net.HttpsUrlConnection and simply POST some (here not
printed) content to an java.net.Url
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
RichTextItem rti_cert = (RichTextItem)
profile_doc.getFirstItem("ClientCertificate");
EmbeddedObject eo_cert = (EmbeddedObject) rti_cert.getEmbeddedObjects().get(0);
RichTextItem rti_trust = (RichTextItem) profile_doc.getFirstItem("TrustStore");
EmbeddedObject eo_trust = (EmbeddedObject)
rti_trust.getEmbeddedObjects().get(0);
InputStream trustfileInputStream = eo_trust.getInputStream();
InputStream keyFileInputStream = eo_cert.getInputStream();
String client_cert_password =
profile_doc.getItemValueString("ClientCertPassword");
String truststore_password =
profile_doc.getItemValueString("TrustStorePasswort");
SSLSocketFactory ssl_socket_factory =
SSLUtils.getFactory(trustfileInputStream,truststore_password,
keyFileInputStream, client_cert_password);
System.out.println("Create HTTPS Connection to " + url.toString());
HttpsURLConnection conn;
conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(ssl_socket_factory);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestProperty("Content-Type", "application/soap+xml; charset=utf-8");
conn.setRequestMethod("POST");
System.out.println("Writing Content to output stream");
OutputStream os = conn.getOutputStream();
os.write(content.getBytes());
os.close();
System.out.println("Writing Content to output stream done");
eo_cert.recycle();
eo_cert = null;
rti_cert.recycle();
rti_cert = null;
eo_trust.recycle();
eo_trust = null;
rti_trust.recycle();
rti_trust = null;
RichTextItem rti_cert = (RichTextItem)
profile_doc.getFirstItem("ClientCertificate"); EmbeddedObject eo_cert =
(EmbeddedObject) rti_cert.getEmbeddedObjects().get(0); RichTextItem rti_trust =
(RichTextItem) profile_doc.getFirstItem("TrustStore"); EmbeddedObject eo_trust =
(EmbeddedObject) rti_trust.getEmbeddedObjects().get(0); InputStream
trustfileInputStream = eo_trust.getInputStream(); InputStream keyFileInputStream
= eo_cert.getInputStream(); String client_cert_password =
profile_doc.getItemValueString("ClientCertPassword"); String truststore_password
= profile_doc.getItemValueString("TrustStorePasswort"); SSLSocketFactory
ssl_socket_factory =
SSLUtils.getFactory(trustfileInputStream,truststore_password,
keyFileInputStream, client_cert_password); System.out.println("Create HTTPS
Connection to " + url.toString()); HttpsURLConnection conn; conn =
(HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(ssl_socket_factory); conn.setDoOutput(true);
conn.setDoInput(true); conn.setRequestProperty("Content-Type",
"application/soap+xml; charset=utf-8"); conn.setRequestMethod("POST");
System.out.println("Writing Content to output stream"); OutputStream os =
conn.getOutputStream(); os.write(content.getBytes()); os.close();
System.out.println("Writing Content to output stream done"); eo_cert.recycle();
eo_cert = null; rti_cert.recycle(); rti_cert = null; eo_trust.recycle();
eo_trust = null; rti_trust.recycle(); rti_trust = null;
RichTextItem rti_cert = (RichTextItem) profile_doc.getFirstItem("ClientCertificate");
EmbeddedObject eo_cert = (EmbeddedObject) rti_cert.getEmbeddedObjects().get(0);
RichTextItem rti_trust = (RichTextItem) profile_doc.getFirstItem("TrustStore");
EmbeddedObject eo_trust = (EmbeddedObject) rti_trust.getEmbeddedObjects().get(0);
InputStream trustfileInputStream = eo_trust.getInputStream();
InputStream keyFileInputStream = eo_cert.getInputStream();
String client_cert_password = profile_doc.getItemValueString("ClientCertPassword");
String truststore_password = profile_doc.getItemValueString("TrustStorePasswort");
SSLSocketFactory ssl_socket_factory = SSLUtils.getFactory(trustfileInputStream,truststore_password, keyFileInputStream, client_cert_password);
System.out.println("Create HTTPS Connection to " + url.toString());
HttpsURLConnection conn;
conn = (HttpsURLConnection) url.openConnection();
conn.setSSLSocketFactory(ssl_socket_factory);
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setRequestProperty("Content-Type", "application/soap+xml; charset=utf-8");
conn.setRequestMethod("POST");
System.out.println("Writing Content to output stream");
OutputStream os = conn.getOutputStream();
os.write(content.getBytes());
os.close();
System.out.println("Writing Content to output stream done");
eo_cert.recycle();
eo_cert = null;
rti_cert.recycle();
rti_cert = null;
eo_trust.recycle();
eo_trust = null;
rti_trust.recycle();
rti_trust = null;
I hope this post has some information for you to use.
Kategorien Domino, JAVA Schlagwörter certificates, java, keystore, truststore
Schreibe einen Kommentar
RASPIAN AND MEDIA-KEYS
16.11.1615.11.16 von Harald
Do you have a Keyboard with Media-Keys connected to your Raspberry PI? So do I
I’ve added following lines to my ‚lxde-pi-rc.xml‘ File in
‚/home/pi/.config/openbox‘ in the keyboard-section:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
<keybind key="XF86AudioRaiseVolume">
<action name="Execute">
<command>amixer set PCM 250+ unmute</command>
</action>
</keybind>
<keybind key="XF86AudioLowerVolume">
<action name="Execute">
<command>amixer set PCM 250- unmute</command>
</action>
</keybind>
<keybind key="XF86AudioMute">
<action name="Execute">
<command>amixer set PCM toggle</command>
</action>
</keybind>
<keybind key="XF86AudioRaiseVolume"> <action name="Execute"> <command>amixer set
PCM 250+ unmute</command> </action> </keybind> <keybind
key="XF86AudioLowerVolume"> <action name="Execute"> <command>amixer set PCM 250-
unmute</command> </action> </keybind> <keybind key="XF86AudioMute"> <action
name="Execute"> <command>amixer set PCM toggle</command> </action> </keybind>
<keybind key="XF86AudioRaiseVolume">
<action name="Execute">
<command>amixer set PCM 250+ unmute</command>
</action>
</keybind>
<keybind key="XF86AudioLowerVolume">
<action name="Execute">
<command>amixer set PCM 250- unmute</command>
</action>
</keybind>
<keybind key="XF86AudioMute">
<action name="Execute">
<command>amixer set PCM toggle</command>
</action>
</keybind>
Works like a charm!
Kategorien Administration, Raspberry PI Schlagwörter LXDE, Media Keys, Raspberry
PI Schreibe einen Kommentar
MÜNCHAUSEN ZAHLEN
22.09.16 von Harald
Dieses Posting ist furchtbar inspiriert durch einen Eintrag von diesem Blog:
https://zach.se/munchausen-numbers-and-how-to-find-them/
Wer mehr zu den Münchhausen-Zahlen wissen will, findet es genauer hier
beschrieben: https://de.wikipedia.org/wiki/M%C3%BCnchhausen-Zahl
Kurz gesagt: 3^3 + 4^4 + 3^3 + 5^5 = 3435
In F# schreibt man das so, Zweck der Übung ist ja, das ich mich gerade ein wenig
in F# reinschnuppere:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
let specialpown (i:int64) =
match i with
| 0L -> 0L
| _ -> pown i (int i)
let digits (number:int64) =
(string) number |> Seq.map(fun i -> ( (int64) ((int i) % 48) ) )
let isMunchhausen number =
digits number |> Seq.map (fun i -> specialpown i) |> Seq.sum = number
digits 1234L |> Seq.toList
isMunchhausen 3435L
seq { 1L..500000000L } |> Seq.filter isMunchhausen |> Seq.toList
let specialpown (i:int64) = match i with | 0L -> 0L | _ -> pown i (int i) let
digits (number:int64) = (string) number |> Seq.map(fun i -> ( (int64) ((int i) %
48) ) ) let isMunchhausen number = digits number |> Seq.map (fun i ->
specialpown i) |> Seq.sum = number digits 1234L |> Seq.toList isMunchhausen
3435L seq { 1L..500000000L } |> Seq.filter isMunchhausen |> Seq.toList
let specialpown (i:int64) =
match i with
| 0L -> 0L
| _ -> pown i (int i)
let digits (number:int64) =
(string) number |> Seq.map(fun i -> ( (int64) ((int i) % 48) ) )
let isMunchhausen number =
digits number |> Seq.map (fun i -> specialpown i) |> Seq.sum = number
digits 1234L |> Seq.toList
isMunchhausen 3435L
seq { 1L..500000000L } |> Seq.filter isMunchhausen |> Seq.toList
F# interactive zeigt dann folgendes in der Konsole:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
val specialpown : i:int64 -> int64
val digits : number:int64 -> seq<int64>
val isMunchhausen : number:int64 -> bool
val it : int64 list = [1L; 3435L; 438579088L]
val specialpown : i:int64 -> int64 val digits : number:int64 -> seq<int64> val
isMunchhausen : number:int64 -> bool val it : int64 list = [1L; 3435L;
438579088L]
val specialpown : i:int64 -> int64
val digits : number:int64 -> seq<int64>
val isMunchhausen : number:int64 -> bool
val it : int64 list = [1L; 3435L; 438579088L]
Ja, und die einzigen (bisher) bekannten Münchhausenzahlen sind diese 3:
* 1
* 3.435
* 438.579.088
Kategorien F#, Programmieren Schlagwörter F#, Münchhausen, Programmieren
Schreibe einen Kommentar
SEND A „CANCEL CURRENT OPERATION“ TO IBM NOTES WITH POWERSHELL
22.09.1602.05.16 von Harald
On new Notebooks or Tablets, one key is missing:
– the pause-key
To cancel the current Operation within Notes, you can send a key-combination to
the Notes-Process.
I realized this with the following Powershell-Script:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
add-type -AssemblyName microsoft.VisualBasic
add-type -AssemblyName System.Windows.Forms
$id = (Get-Process "notes2").Id
[Microsoft.VisualBasic.Interaction]::AppActivate($id)
[System.Windows.Forms.SendKeys]::SendWait(“{BREAK}”)
add-type -AssemblyName microsoft.VisualBasic add-type -AssemblyName
System.Windows.Forms $id = (Get-Process "notes2").Id
[Microsoft.VisualBasic.Interaction]::AppActivate($id)
[System.Windows.Forms.SendKeys]::SendWait(“{BREAK}”)
add-type -AssemblyName microsoft.VisualBasic
add-type -AssemblyName System.Windows.Forms
$id = (Get-Process "notes2").Id
[Microsoft.VisualBasic.Interaction]::AppActivate($id)
[System.Windows.Forms.SendKeys]::SendWait(“{BREAK}”)
Kategorien Administration, IBM Notes, Powershell, Programmieren, Windows
Schlagwörter Dirty Hack, Domino, IBM Notes, Powershell Schreibe einen Kommentar
DNS RESOLVING ISSUES WITH ASUS RT-AC87U
07.04.16 von Harald
I recently bought an new Router – the ASUS RT-AC87U.
I used it for some weeks with no problems, unless I tried to insert my 3G
Data-Stick into the USB-Port (for failover reasons).
Since then, I did have occasional problems in resolving various internet
adresses.
PS C:\Users\Harald> nslookup orf.at
Server: router.asus.com
Address: 192.168.1.1
*** orf.at wurde von router.asus.com nicht gefunden: Query refused.
Query refused? At first, I blamed my provider, and tried to configure the
dns-adresses in the router to the Google-DNS-Servers (8.8.8.8 and 8.8.4.4) –
unfortunately this did not help. The same error messages appeared and appeard.
Refreshing the Site in the browser did help in most cases.
The Asus-Routers uses the dnsmasq DNS-Deamon to act as a DNS-Server. However,
the DNS-Servers the deamon uses itsself are in the /etc/resolv.conf file. And
there lies the magic (or the root of my problem).
If the router gets the (2) DNS-Servers Adresses from the Provider, it stores
these IPs in the resolv.conf file. If you configure DUAL-WAN, you will get 4
DNS-Adresses into the file (2 for each provider). Providers usually only allow
DNS-Queries from there own network…
So in some cases, the router uses WAN-Connection from Provider A, but tries to
resolve the addresses with the DNS-Server from Provider B – which then gets
refused.
What did I do?
I set the DNS-Server Adresses manually in /etc/resolv.conf via vi to only two
entries (8.8.8.8, 8.8.4.4) and until now it works like a charm.
Kategorien Administration Schlagwörter asus, DNS, networking, router Schreibe
einen Kommentar
Ältere Beiträge
Seite1 Seite2 … Seite7 Weiter →
CATEGORIES
* Administration
* Allgemeines
* AppEngine
* Arbeiten im Team
* C
* C#
* Domino
* F#
* Fun
* Hardware
* IBM Notes
* JAVA
* LotusScript
* Powershell
* Programmieren
* Python
* Raspberry PI
* SQL-Server
* Video
* Visual Studion Lightswitch
* Windows
* Windows Server 2008 R2
TAG CLOUD
2D Sidescroller Algorithmus Blaues Licht Bubble Sort C C# C#. CSharp Color Color
Conversion Color Management Colour Colour Conversion Colour Management CSharp
DNS Domino Donkey Kong Duke First Person Shooter Disease Fun Heap Sort IBM Notes
InputStream Insertion Sort java LAB LCH Lotus NotesSession OutputStream projekt
Quick Sort Rambo Refactoring RGB Selection Sort Shell Sort sRGB StringBuffer
Sylvester Stallone syntegration team teamarbeit Video XYZ
DIVERSES
* Anmelden
* Feed der Einträge
* Kommentare-Feed
* WordPress.org
Find me on Mastodon
© 2023 Harry's Blog • Erstellt mit GeneratePress