Convert certificates from txt to CER - server

Hi there I have an exchange server for which I need to renew its Globalsign authority certificate.
After i purchased it I got a zip file with x3 txt files in (password.txt / pem.txt /private key.txt).
Exchange server can only import CER file how can I convert those to CER file ?
thanks

Assuming the contents of pem.txt start with =====BEGIN CERTIFICATE=====, you'd either just specify the path of that file, or rename pem.txt to pem.cer (or certificate.cer, or whatever you want to call it).
(And for future reference, taking a screenshot with PrintScr or Alt+PrintScr (just the focused application) and trimming it down in something like paint is better than taking a picture of a monitor)

Related

Question on signing a file with RSA (openssl)

I'm read that either signing or encrypting (or both?) with RSA has a file size limit. One way I saw to tackle that was to take the sha256sum value of the file then sign that with RSA. Ultimately, I would like to sign a license file with RSA private key, so the destination application can verify it hasn't been altered (using public key)...
I found these script which sign and verify:
https://gist.github.com/ezimuel/3cb601853db6ebc4ee49
My questions are...
Is there a file size limit when you sign (not encrypt) with RSA?
If so, is signing the sha256sum of the file a valid way around the file size limit?
I see in the sign.sh script (in link above) is using a -dgst sha256 in the command. Is that taking the sha256sum value of the file and signing that, similar to #2? Or, if not, what is it doing?
I just want to make sure a license file isn't altered in transit. I was just going to append the signature to the bottom of the file. Then, have the application run a script separate the two (content and signature) to verify no changes have been made.
Thanks in advance.

Has anyone tried automating build and deployment pocess through SOMA scripts?

I have tried automating this process through SOMA: copying the file from one location to another location using dp:get-file in our local directory and their I've to change the file permissions and then unzip the file and save the folder in another location but didn't achieve.
If anyone tried please help on this scenario.
Thanks in advance !
I don't exactly follow all your steps, can you detail them a bit more indicating what you do on DP and what on remote system?
The key to know is that SOMA dp:get-file returns your file as a base64 encoded XML element value and you have to base64 decode that to have your actual file and then work with it on your remote system.
The other way round to put the file back using SOMA you have to base64 encode it and then sent as SOMA XML element value to DP.
I don't think DP cares of any file permission attributes? Or do you have something specific in mind?
You indicate you unzip your file. Are you playing around with ZIP-format DP config export? That would not be ideal approach. Or what is your usecase?

Photorec custom signature

Recently I have lost my database files after server (Qnap) reboot.
I need to recover the MYD files.
I'm using the Photorec to recover my files which uses file signatures.
I know that MYD files doesn't have common file signature.
I've recreated the database from the earlier backup (on local machine) just to check if the signature changes when new data inserted and it seams like the signature bit is not changing.
I'm not sure if that means I have the signature of the file that I'm looking for.
I've tried to create a photorec.sig file and entered MYD 0 0x00010065fe00000100003101aa70010f00 which are the first 34 chars of the hexdump result.
I've saved this file into the current working directory and ~/.photorec.sig and tried to recognize the MYD file with fidentify_static which always returns unknown.
I think there is something wrong with the signature file that I've created. Can anyone tell me how to make sure that the signature file is created correctly and placed to the right place on qnap?
Run fidentify with the file/directory as the parameter:
[kmaster#adsl ~]$ fidentify /home/kmaster/src/testfiles/sample.pfi
See http://www.cgsecurity.org/wiki/Add_your_own_extension_to_PhotoRec

Check if downloaded file is corrupted and delete if corrupted from iPhone

Problem:
I have to download some files from the server. In between the connection with the server is lost. And when the file is opened it opened without any problem, except that it was blank.
Question
How to check if the downloaded file from the server is corrupted or not? Is there any way to do that?
If the file is corrupted it must be deleted from the documents folder.
Thank you!
You can create a hash of the file and then use that hash to compare the current hash to the new hash.
Here's an example on creating a hash for iOS:
http://iosdevelopertips.com/core-services/create-md5-hash-from-nsstring-nsdata-or-file.html
It should work pretty well because the hash only changes if the file contents change and is unaffected by creation times, modification times, and the file name.
Edit
You can also sign your files with PGP or GPG and use your public key to verify its contents.
Hope this helps :)
Send a hash of the file with the file, and then compare the hashes.

why are downloads sometimes tagged md5, sha1 and other hash indicators?

I've seen this all over the place:
Download here! SHA1 =
8e1ed2ce9e7e473d38a9dc7824a384a9ac34d7d0
What does it mean? How does a hash come into play as far as downloads and... What use can I make of it? Is this a legacy item where you used to have to verify some checksum after you downloaded the whole file?
It's a security measure. It allows you to verify that the file you just downloaded is the one that the author posted to the site. Note that using hashes from the same website you're getting the files from is not especially secure. Often a good place to get them from is a mailing list announcement where a PGP-signed email contains the link to the file and the hash.
Since this answer has been ranked so highly compared to the others for some reason, I'm editing it to add the other major reason mentioned first by the other authors below, which is to verify the integrity of the file after transferring it over the network.
So:
Security - verify that the file that you downloaded was the one the author originally published
Integrity - verify that the file wasn't damaged during transmission over the network.
When downloading larger files, it's often useful to perform a checksum to ensure your download was successful and not mangled along transport. There's tons of freeware apps that can be used to gen the checksum for you to validate your download. This to me is an interesting mainstreaming of procedures that popular mp3 and warez sites used to use back in the day when distributing files.
SHA1 and MD5 hashes are used to verify the integrity of files you've downloaded. They aren't necessarily a legacy technology, and can be used by tools like those in the openssl to verify whether or not your a file has been corrupted/changed from its original.
It's to ensure that you downloaded the file correctly. If you hash the downloaded the file and it matches the hash on the page, all is well.
A cryptographic hash (such as SH1 or MD5) allows you to verify that file you have has been downloaded correctly and has not been tampered with.
To go along with what everyone here is saying I use HashTab when I need to generate/compare MD5 and SHA1 hashes on Windows. It adds a new tab to the file properties window and will calculate the hashes.
With a has (MD5, SHA-1) one input matches only with one output, and then if you down load the file and calculate the hash again should obtain the same output.
If the output is different the file is corrupt.
If (hash(file) == “Hash in page”)
validFile = true;
else
validFile = false;