When it comes to SSL/TLS configuration, the focus tends to be on web servers rather than on mail servers. But mail servers should also benefit from a strong SSL/TLS configuration with valid certificates. Mail servers that have been configured completely incorrectly quickly become apparent in IMAP and POP3 protocols, but insufficient standards are often set…
Various companies currently rely on the proprietary Enterprise Password Vault from CyberArk to securely manage sensitive access information, certificates and SSH keys. This software allows, for example, user IDs and passwords for an application to be stored through a web interface. But in an age when automation, provisioning and configuration management are cornerstones of every…
In this blog post we present a solution with which you’re able to operate a MariaDB Galera Cluster on Kubernetes or compatible solutions (e.g. Red Hat OpenShift Container Platform, CoreOS Tectonic or Canonical’s Kubernetes). It allows cloud-native applications running in Kubernetes and their required databases to be run on the same infrastructure, using the same…
In this two-part article, we will take a closer look at the continuous integration functionalities of GitLab CI. The first part deals with installation and configuration, while the second part provides more detailed information on individual application scenarios. What does CI actually mean? In this case, CI stands for continuous integration. But simply, this means…
Sometimes, when you’re not at the office, and your PC’s sitting there all properly shut down to save on electricity and it sure would be nice if you could just ask a co-worker to boot up the computer. Then you could use that wonderful technology known as SSH. Unfortunately, the encrypted hard drive makes this…
If the YubiCloud is not to be used for the validation of Yubico one-time passwords (OTP), validation servers can also be managed in-house. In principle this is not very difficult, but the redundant setup is rather poorly documented. Overview MySQL is used as the backend and Apache as the frontend. The two components yubikey-val and…
In order to see in the monitoring tool if and when an SSL certificate is due to expire a script was created to determine the expiration date. In comparison to other checks, this script is not limited to checking certificates via HTTPS. This article provides a description of how the expiration date of an SSL…
There are (still) various servers on the internet that have just an insufficient SSL/TLS configuration or none at all. It is not just web servers (like nginx or Apache) but also XMPP/Jabber servers and mail servers, for example. As the basis of each SSL/TLS configuration, we need keys and certificates and sometimes Diffie-Hellman parameters. This…
Sandro Köchli, co-founder and board member of Adfinis SyGroup, explains how the rivalry between Microsoft and Linux became a symbiosis. Read the article in Netzwoche to learn more about the history behind our partnership with Microsoft and the related relevance of Azure Cloud Services.
Clouds are sexy! Set them up instantly, maintenance and care are outsourced, scale resources without assistance, and web solutions now often offer functions you can only dream of with desktop solutions. Since Google began demonstrating how people can collaborate on the same document online, even die-hard Word freaks have noticed that text editing is primarily…
