Dynamically Creating Java Keystores in OpenShift


With a simple annotation to a service, you can dynamically create certificates in OpenShift.

Certificates created this way are in PEM (base64-encoded certificates) format and cannot be directly consumed by Java applications, which need certificates to be stored in Java KeyStores.

In this post, we are going to show a simple approach to enable Java applications to benefit from certificates dynamically created by OpenShift.

Continue reading “Dynamically Creating Java Keystores in OpenShift”


SSL Testing Tool

If you have a large number of servers, which are configured with SSL/TLS and you are out of track on their certificate validity, now all of sudden you are worried if some of the certificates are expired.

Or if I think in some other scenario where you are required to understand underlying SSL/TLS configuration of your servers e.g. CipherSuits, Protocols, etc.

Yes, in the traditional way, you can get all the information of your SSL/TLS configuration by login into an individual server and check the certificates but it is very difficult if your environment size is very high.

To overcome this problem, I have to build a tool, which will give you all required details.

Continue reading “SSL Testing Tool”


Securing Fuse 6.3 Fabric Cluster Management Console with SSL/TLS


Enabling SSL/TLS in a Fabric is slightly more complex than securing a jetty in a standalone Karaf container. In the following article, we are providing feedback on the overall process. For clarity and simplification, the article will be divided into two parts.


Part1: The Management Console

Part2: Securing Web Service:including gateway-http


For the purpose of this PoC, the following environment will be used.

Continue reading “Securing Fuse 6.3 Fabric Cluster Management Console with SSL/TLS”