Securing a development server

In this post I talk about setting up and securely operating development tools like Jenkins and Gitlab on a server connected to the internet. All applications run behind a firewall and a reverse HTTP proxy which allows only HTTP requests from selected users through who authenticate themselves with client certificates. Putting web-facing software on the … Continue reading Securing a development server

SSLHandshakeException: unsupported certificate

When: loading client certificates from a custom keystore Reason: multiple certificates for the same domain but different purposes, e.g. one certificate handles email authentication, the other authenticates the user against a web server Solution: either fix the buggy code that selects the wrong certificate from the keystore or make sure only one certificate per domain … Continue reading SSLHandshakeException: unsupported certificate

Pidgin having trouble with MSN certificate – and how to fix

I noticed recently that the Pidgin 2.7.5 messenger [1] had problems connecting to MSN with a certificate error about omega.contacts.msn.com. Fortunately I'm neither the first to have that problem, nor to find a solution [2]. MSN apparently replaced their certificate, which now needs to be updated with Pidgin. 1. point your browser to https://omega.contacts.msn.com/ 2. … Continue reading Pidgin having trouble with MSN certificate – and how to fix