openssl: How to configure private key size for secp256k1

I am trying to understand if it’s possible to configure a private key size for the given curve.

openssl ecparam -name secp256k1 -genkey  -----BEGIN EC PARAMETERS----- BgUrgQQACg== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHQCAQEEIMda3jdFuTnGd2Y9s9lZiQJXKSpxBp6WQWcurn4FnYogoAcGBSuBBAAK oUQDQgAEI272v3lIoVkLZEbsJ/1l6Wfqbk8ZeybzzhtUN60EOhCRsR8rOLAIbbDl ncOT1vtzEj5NZxQEYdopFMb10CfccQ 

Was trying to read openssl documentation to see how to configure the length of the private key but failed to find anything regarding it. Could you advise?

Is it possible to configure SMTP relay on SSRS 2012 RTM?

I am trying to configure SSRS 2012 RTM to work with user and password to a remote SMTP server. In 2016 its working just fine but for some reason on 2012 it doesn’t- when i add the SMTP configuration below and then i try to create an SSRS subscription it will not allow sending subscriptions that are not file share subscriptions. IS this feature supported in 2012? (SMTPAuthenticate= 1)

configuration file SMTP setup: enter image description here

I also checked the error logs and could not find an error. Thanks In advance

I am trying to configure CSRFGuard library in my java web application, however i get the following error

I have included the csrf 3.0 jar and also included the at the beginning of the jsp pages. However, i get the error when i try to run my project.Can someone guide me to implement CSRF Guard properly on my web application. Thanks for your help.

<java.lang.NoSuchMethodError: org.owasp.csrfguard.CsrfGuard.load(Ljava/util/Properties;)V         at org.owasp.csrfguard.CsrfGuardServletContextListener.contextInitialized(CsrfGuardServletContextListener.java:38)         at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4732)         at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5194)         at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:152)         at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:726)         at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:702)         at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)         at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:596)         at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:467)         at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1617)         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)         at java.lang.reflect.Method.invoke(Method.java:606)         at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300)         at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)         at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801)         at org.apache.catalina.manager.ManagerServlet.check(ManagerServlet.java:1483)         at org.apache.catalina.manager.ManagerServlet.deploy(ManagerServlet.java:904)         at org.apache.catalina.manager.ManagerServlet.doGet(ManagerServlet.java:336)         at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)         at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)         at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)         at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:108)         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:108)         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:632)         at org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:318)         at org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:97)         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)         at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)         at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:1096)         at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)         at org.apache.coyote.AbstractProtocol$  ConnectionHandler.process(AbstractProtocol.java:760)         at org.apache.tomcat.util.net.NioEndpoint$  SocketProcessor.run(NioEndpoint.java:1480)         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)         at java.util.concurrent.ThreadPoolExecutor$  Worker.run(ThreadPoolExecutor.java:615)         at org.apache.tomcat.util.threads.TaskThread$  WrappingRunnable.run(TaskThread.java:61)         at java.lang.Thread.run(Thread.java:745) 

Below is the web.xml configuration. I have included CSRFGuard 3.0 jar

    <listener>         <listener-class>org.owasp.csrfguard.CsrfGuardServletContextListener</listener-class>     </listener>       <listener>         <listener-class>org.owasp.csrfguard.CsrfGuardHttpSessionListener</listener-class>     </listener>      <filter>         <filter-name>CSRFGuard</filter-name>         <filter-class>org.owasp.csrfguard.CsrfGuardFilter</filter-class>         <init-param>             <param-name>error_page</param-name>             <param-value>/csrfAttackError.jsp</param-value>          </init-param>     </filter>     <context-param>         <param-name>Owasp.CsrfGuard.Config</param-name>         <param-value>WEB-INF/Owasp.CsrfGuard.properties</param-value>     </context-param>     <context-param>         <param-name>Owasp.CsrfGuard.Config.Print</param-name>         <param-value>false</param-value>     </context-param>     <listener>         <listener-class>org.owasp.csrfguard.CsrfGuardListener</listener-class>     </listener>   <servlet>     <servlet-name>JavaScriptServlet</servlet-name>     <servlet-class>org.owasp.csrfguard.servlet.JavaScriptServlet</servlet-class>      <init-param>         <param-name>source-file</param-name>         <param-value>WEB-INF/Owasp.CsrfGuard.js</param-value>     </init-param>     <init-param>         <param-name>inject-into-forms</param-name>         <param-value>true</param-value>     </init-param>     <init-param>         <param-name>inject-into-attributes</param-name>         <param-value>true</param-value>     </init-param>     <init-param>         <param-name>domain-strict</param-name>         <param-value>false</param-value>     </init-param>     <init-param>         <param-name>referer-pattern</param-name>         <param-value>.*</param-value>     </init-param> </servlet> 

Configure SMTP Server to send mails through different other SMTPs [closed]

i’m tring to install a smtp server which uses randomly other smtp-servers to send emails. Here is an example setup:

if a email is send using smtp1.domain.de the smtp server will look in a list or something and select one of the smtps provided there with domain email and password. For example:

smtp2.domain.de smtp3.domain.de

It would be nice if the select process is scriptable with python or something or may be completly random.

Thanks for your help.

How do I configure the Calculator web service sample code in netbeans to use x509 certificates for authentication?

I have successfully followed the steps outlined here: https://netbeans.org/kb/docs/websvc/jax-ws.html

Everything works correctly (i.e. I can run a client jar file from terminal and have it send two numbers to add; the calculator web service receives them and returns the correct sum in the SOAP response).

I now wish to add authentication using x509 certificates, but I am unable to find specific documentation on how to do so. The closest link I found is a secure calculator here:

https://netbeans.org/kb/docs/websvc/wsit.html#Exercise_2_2

But this appears to be using “Username Authentication with Symmetric Keys”, which is not what I am looking for.

I am looking for the calculator client to send its x509 certificate over to the calculator web service. The calculator web service authenticates the x509 certificate it just received from the client. If authentication is successful, it will proceed to add the two numbers sent by the client. Otherwise it returns “invalid cert”.

This seems like a simple thing to do, but I am not able to find any documentation or a sample netbeans project that does this.

This website seems promising: https://docs.oracle.com/cd/E17802_01/webservices/webservices/reference/tutorials/wsit/doc/WSIT_Security9.html#wp162511

Specifically the Example: Mutual Certificates Security (MCS) . However, when I get to the step in the “Securing the Example Web Service Client Application (MCS) section that says:

Select the WSIT Configuration tab of the CalculatorWSService dialog.

Netbeans does not have a WSIT Configuration tab. So this appears to be outdated since I am running Netbeans 8.2.

Would appreciate all / any help from the community.

How to configure a VM to protect all my hardware fingerprint from guest OS and softwares?

This question was originally Does Firefox in VM have a common enough fingerprint so I don’t need tor browser? in Tor community.

I want to know about what a web browser’s fingerprint like in a VM, if VM runs a common OS and have default system settings. Can VM be configured to not have any of host machine’s fingerprint?

(Here I just want to ask about fingerprint, ignoring IP addresses, web scripts and tracking cookies)

Here the VM software we discuss would better be FOSS, like Virtualbox or qemu.

That question could be on not just web browser, but also other kind of softwares.

How do I configure Azure Web Apps so that the only access is via CloudFlare?

I have a Web Apps (Linux) application on Azure, and I added a custom domain which I have protected with CloudFlare.

I added Azure Security Center to my subscription.

At the moment one can access the application either

  1. directly via example.azurewebsites.net or
  2. via www.example.com which is protected by CloudFlare

How do I configure the Azure portal so that the only access to my web application is via CloudFlare?

One idea I had is to add an Azure Firewall, and set it to white list the CloudFlare IP Addresses, but I wondered if there is an easier way (and anyway I am not sure how to configure it)

Configure a Google Analytics filter for blog posts when URLs are mixed with other content

I have a WordPress site with a blog section but also a lot of other content, that is not directly related to the blog. Now I want to use Google Analytics and only see the blog traffic, meaning users that click on blog posts.

I know there are ways to filter this, if the blog posts reside in a subfolder, like example.com/blog/my-blog-post, but on my site the link structure doesn’t have that. It’s like this: example.com/my-blog-post

What would be a good way to filter that traffic in Google Analytics? It should also work for any future published posts. I have the Google Tag Manager connected, maybe that might provide a viable option?