Dhaka to introduce digital signature
Bangladesh is set to introduce electronic signature, which is a key feature for e-procurement, e-governance, e-commerce and other digital activities, said officials in Dhaka yesterday.
“Electronic signature is ready for introduction and it will ensure the total security of electronic information,” Controller of the Certifying Authorities Mohamed Zahangir Alam said.
He said the electronic signature would uplift the image of country’s ICT sector across the world.
After the introduction of electronic signature, e-procurement, e-commerce, e-transaction, online income-tax return, online application for any kind of services and digital communication between government offices and NGOs will be facilitated, said Bangladesh Computer Council (BCC) assistant programmer Hasan-Uj-Jaman.
He said, it will also ensure Secure Socket Layer (SSL) based security to different kinds of servers such as web and mail and help to introduce paperless office and e-filing, and signing to electronic document and e-mail. Continue reading
Setting up LDAP on Debian Distro
LDAP (Lightweight Directory Access Protocol) allows central user, group, domain….. authentication, information storage …
Using LDAP in a local network, you can allow your users to login and authenticate from anywhere on your network.
This tutorial will be split in 2 parts. In the first part, I will explain how-to install, configure the LDAP server, add a few users and group, in the second part, we will set up Linux client to authenticate through LDAP if the user does not exist on the local filesystem.
In this tutorial, I will suppose that our LDAP server is located at 192.168.1.4. All machines in the network can resolve the host name ldap to 192.168.1.4. The LDAP server is going to manage domain debuntu.local.
The server runs Debian 4 (testing but almost stable) and the client Ubuntu Feisty 7.04. Continue reading
Setting up an Apache Web Server as a proxy in front of EJBCA
This section will show you how to use an Apache Web Server Proxy in front of EJBCA. The resulting server will
- Display EJBCA public web at https://ca-server.company.local/
- Redirect all HTTP-requests to HTTPS, except for OCSP and CRL.
- Require a client SSL certificate when accessing https://ca-server.company.local/adminweb/
- Be able to loadbalance requests
- Still answer to requests on https://ca-server.company.local/ejbca/*
This example was created on Ubuntu 64-bit Server 7.10 using the Apache Web Server 2.2 package, but should be easy to adapt to any system able to run Apache.
Start by installing EJBCA as normal. If you intend to have the CA on the same machine as the proxy you should modify $EJBCA_HOME/conf/web.properties to only listen to localhost Continue reading
List of Credit Rating companies in Bangladesh
List of Credit Rating Companies
|
Sl. No.
|
Name of the Company
|
Date of Issuance of Registration Certificate
|
Address
|
|
01.
|
Credit Rating Information and Services Ltd (CRISL)
|
21/08/02
|
Nakshi Homes (4th and 5th floor), 6/1A, Segunbagicha, Dhaka-1000
|
|
02.
|
Credit Rating Agency of Bangladesh Ltd (CRAB)
|
24/02/04
|
ChamberBuilding (6th Floor), 122-124 Motijheel C/A, Dhaka-1000
|
|
03
|
National Credit Ratings Ltd
|
22/06/2010
|
3 Bijoy Nagor, 3rd floor, Dhaka-1000
|
|
04
|
Emerging Credit Rating Ltd
|
22/06/2010
|
SHAMS Rangs, House #104, Park Road, Flat# A1, A2, Baridhara, Dhaka-1212
|
|
05.
|
ARGUS Credit Rating Services Ltd.
|
21/07/2011
|
7 Suhrawardy Avenue, Baridhara, Dhaka-1212
|
|
06.
|
WASO Credit Rating Company (BD) Limited
|
15/02/2012
|
Haque Chamber (Level-5), 89/2 West Panthopath, Dhaka-1205
|
|
07.
|
Alpha Credit Rating Limited
|
20/02/2012
|
Navana Rahim Ardent (1st floor)
39 Kakrail, Dhaka-1000
|
|
08.
|
The Bangladesh Rating Agency Limited
|
07/03/2012
|
47 Karwan Bazar, Latif Tower (12th floor), Dhaka-1215
|
Deploying a J2EE application behind an Apache server in a production environment
You have created a Web application using a JBoss application server and you are going to put it in production. Great!
But deploying your application with JBoss serving the Web requests directly may not be the optimal solution. First because the Tomcat web server embedded within JBoss is not the best server to serve static files and second because configuring Tomcat and JBoss for best performance and security is in general a complex and tedious task.
Instead, it is a good practice to use an Apache server (2.0 or 2.2) in front of your JBoss/Tomcat. This Apache server can serve static files, take care of your SSL security and manage for you all the details of HTTP headers (Expires and other headers) and more….
In a production environment, you should not put your JBoss application as a Web front-end. Instead, you should use an Apache server and configure it to redirect specific Web application requests to your J2EE server. There are many many advantages in doing this:
The Apache server can serve static files (CSS, images, javascript files) faster than JBoss/Tomcat.
When you need it, you can activate SSL on Apache without having to change your application.
The Apache SSL implementation is faster compared to the Tomcat implementation (and a lot easier to configure!).
You can have a better control of HTTP headers. No need to develop any servlet filter for that.
You can get compression out of the box. No need to develop another servlet filter either (no need to configure Tomcat connector either!).
I assume here that the Apache server is already installed with the following modules and these modules are enabled. Continue reading
Hiding X-Powered by on JBoss Application Server 4.22.x
JBoss can add headers in the HTTP response. The X-Powered-By header exposes what implementation is behind your site. This header is created by a servlet filter that is activated by default in JBoss web configuration files (…/usr/java/jboss-4.2.2.GA/server/default/deploy/jboss-web.deployer/conf/web.xml). You can either disable this filter by commenting the following lines:
<filter>
<filter-name>CommonHeadersFilter</filter-name>
<filter-class>org.jboss.web.tomcat.filters.ReplyHeaderFilter</filter-class>
<init-param>
<param-name>X-Powered-By</param-name>
<param-value>Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200710221139)/Tomcat-5.5</param-value>
</init-param>
</filter>
Now update <param-value> at your wish 
mod_jk for RHEL6
You find that It isn't in EPEL, and it isn't in Red Hat Optional Server 6 RHN channel, etc.
It seems that the new way forward with RHEL/Fedora world is to use mod_proxy_ajp. For example, the RH/Fedora project Spacewalk switched from mod_jk to mod_proxy_ajp.
Note that mod_proxy_ajp is a core module of Apache 2.2 and newer so this should be a rather definitive/final change in recommended connector for Tomcat and Apache. Continue reading
EJBCA Custom OID DN and altName oids
EJBCA supports custom (your own) OIDs in DN components.
In order to add such a DN you can simply call the DN for example:
CN=MyCommonName,1.1.1.1=MyCustomOid,C=SE
Where 1.1.1.1 is your custom OID.
Custom OIDs are always encoded as UTF8String in the DN.
To get support for custom OIDs in the Admin GUI you must edit the file src/java/profilemappings.properties and add your new OID in the end. Just follow the example in the file, and you will get the possibility to add you oid in the End Entity Profile, and following that also when adding new users. If you edit profilemappings.properties, you should also add an entry in src/adminweb/languages/languagefile.XX.properties (where XX is you language). Otherwise your new field will be displayed as the key that you entered (which is probably ok also) in the admin-GUI. The new field you must add in the language file is the last field in profilemappings.properties, i.e. the LanguageConstant. Continue reading
