I am attempting to setup sonarqube instance with HTTPS listener. I understand that sonarqube supports HTTPS out of the box in version 4.2. What I am having difficulty with is encrypting clear text passwords settings in the sonar.properties.
Looking at the their wiki article about encryption support, it seems like it is possible to encrypt clear text passwords. However, I am not having any luck with encrypted value in sonar.web.https.keystorePass property. Tested with clear text and it works fine. Also tested different store types (JKS/PKCS12) or simpler passphrase, nothing seems to be working and keystore read fails when attempting to start the server with encrypted keystore password.
Was anyone able to use built in encryption mechanism in sonarcube to run it with HTTPS?
Unfortunately the properties sonar.web.* can't be encrypted. This limitation is fixed in version 4.4 : https://jira.codehaus.org/browse/SONAR-4781
Related
I have written a restful API project which is developed using spring boot and I am using the embedded tomcat and running a jar on a linux server.
The APIs are live at:
https://api.arevogroup.com:8089/api/regions
and I can see the verified and correct SSL as well as in the given screenshot.
but I am getting an this exception in the postman when I call these apis.
These APIs are consumed by a Xamrin based app which seems to work all good when consumed using iPhone but gives this same exception when the APIs are accessed via android.
I guess, the way I have generated the ssl certificate has some issues.
I have used a pfx file and my SSL config in properties file looks like this:
###SSL Key Info
security.require-ssl=true
server.ssl.key-store-password=PASSWORD
server.ssl.key-store=classpath:ssl_pfx.pfx
server.ssl.key-store-type=PKCS12
I have 2 questions, if disable the ssl verification, would the communication still be encrypted or not? (man in the middle attack is still possible but the info will still be encrypted, right?).
If not, how can I fix this?
You can't disable the verification of the server certificate. No browser will allow you to do it, except on an exceptional basis (the user must confirm the exception). If the client disables the verification, than the communication will be encrypted (i.e. no passive attack will be possible).
The errors you see are cause by a misconfiguration of your server.
Your certificate chain contains just the certificate for your server and lacks the intermediate certificate CN=Go Daddy Secure Certificate Authority - G2. You need to download it from Go Daddy (it is the one named gdig2.crt.pem) and add it to your keystore.
Refer to this question on how to do it.
Some browsers cache intermediate certificates and are able to verify your site even if one certificate is missing. However you should not rely on it.
security.require-ssl=true
server.ssl.key-store-password=PASSWORD
server.ssl.key-store=keystore.jks
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
Used the jks file instead of pfx and it worked all good. Thought to share with others too.
I have a set up a private remote git server (not GitHub).
I can perform all operations fine from the command line without problem. This server also works fine with IntelliJ.
From within Xcode I can PULL changes. But mysteriously I cannot push changes even though both require authentication. I am using SSH.
I've seen lots of posts about windows authentication, IIS, and other special cases. But I have not seen anything about being able to pull but not push. And I have no idea where Xcode might write any logging. At the user level it just says Authentication failed. I am using SSH (no certs).
Any advice on where to even start looking would be greatly appreciated.
Posting for posterity, but: check your ssh keys if you are using key-based auth. I was having a devil of a time trying to get Xcode to do any git ops, until I changed the ssh setup to use an RSA key. ECDSA doesn't work. Not sure about any other keys, but apple docs on setting up continuous integration with xcode always talk about RSA keys, which was my clue.
Well it seems this has been broken since Xcode 7, two years ago.
THE solution (all caps because this is the ONLY thing that works) is to put the password in the git server URL. So you can have function or security - but not both. Apparently the Xcode parsing of the git config is VERY VERY defective.
git config --edit
Use THIS exact syntax for the git server URL (assuming ssh without certificate)
url = ssh://username:passwd#server/path/to/project.git
Ugly but works.
I am getting some kind of Encryption error when I try and send an email in a plugin (action). I have two environments that are the same. It works in dev but when I deploy it to a UAT environment, i get the following error on the workflow that fires the action when the action tries to create/send an email. Neither environment is HTTPS. A lot of posts online say to go to Settings->Data Management->Data Encryption but that box will not open as its not HTTPS.
Cannot open Sql Encryption Symmetric Key because Symmetric Key
password does not exist in Config DB
If anyone has any pointers that would be awesome.
Thanks,
Hi sending an email in CRM requires data encryption to be enabled, if you check your dev environment i believe the Data Encryption will be Active(Go to Settings->Data management –> Data Encryption) as below image that is why your Plugin is working fine in dev environment.
You need to enable Data Encryption in your UAT environment.
Please try the following steps:
1. Disable SSL Check (Non HTTPS deployment – if you use HTTPS
deployment, skip this step)
2. Run the following SQL for MSCRM_CONFIG database.
UPDATE [MSCRM_CONFIG].[dbo].[DeploymentProperties]
SET [BitColumn]=1
WHERE ColumnName='DisableSSLCheckForEncryption'
3. Go to Settings->Data management –> Data Encryption
4. Enter any encryption key, it could be anything and click activate.
Please read more about Data Encryption and Encryption key here:
Data Encryption in CRM 2013
CRM 2013: CRM And SQL Encryption
Data Encryption Feature Isn’t Activated
CRM 2013 Create Email error
I am able to perform all git operations via git command line (Terminal),But via Xcode causes an authentication error "Enter your credentials for the repository"
Since this work with Xcode 6.4 but not in Xcode8.3. This may happens cause XCode 7 doesn't support Windows Authentication. It seems to be a common problem amongst users because there are many posts about it in google.
To make it all work you should enable Basic Authentication in your IIS TFS website on "tfs" virtual folder.
Be careful though because basic authentication sends your credentials over network as plain text. Highly recommend you use SSL in this case.
The steps to setup SSL are described in details in the
docs.
Here
you can find what is required to configure Basic Authentication.
A couple of caveats:
username should be entered in domain\user format
do not enable Basic Authentication on the default non-SSL site
Source Link
Also suggest you use Git Credential Manager for Mac and Linux to store credentials for Git version control.
Does anyone know how I can automatically use the current NTLM credentials in IDEA when working with Subversion?
I have IDEA 9.0.4 and get "Not logged In to Subversion '[AD Realm]' (http://[Branch])". (replace [information] with actual technical details) when I try to update/commit/etc.
Try setting the following system property -Dsvnkit.http.ntlm=jna - it will make SVNKit use native Windows API through JNA to support JNA. Native implementation may work better for you. Both pure Java and JNA-based implementations of NTLM support in SVNKit however unfortunately does not work well in some environments.
It should work automatically. If you are asked for the password, then the server doesn't accept NTLM auth from SvnKit library for some reason and authentication falls back to different method.