Developer Mode

 Bagi yang ada problem ssd pada MS Surface Pro, belilah jenama Samsung sebab ssd dia hanya single layer. sesuai untuk ruang surface yang sempit. Jangan jadi macam aku, terbeli yang jenama lain, dia hantar double layer, mau kembung naik ke screen. skru pon nak masuk susah. buang duit je rm500. last last sumbat je ssd double layer tu dalam ssd nvme enclosure. hahaha padan muka aku. Samsung punya cun, single layer. aku beli ssd yang baru ni Samsung SSD 980. Berdezup jugak pegi nye. puas hati memakai.

 Bagi korang yang pakai MS Surface, hmmm ssd kalau dah mula menunjukkan "cannot boot", keluar blue screen yang dia cakap cari SSD tak jumpa buat pertama kali, hangpa kena beringat, Surface dah kasi warning pertama supaya cepat2 backup fail dalam SSD tu bila hangpa dapat access masuk semula. Kadang2 dapat masuk 30 minit je ke Windows. cepat2 keluarkan fail yang penting. kalau tak.. hmm SDD tu kaput. backup lah segera dan selalu, jangan jadi macam aku. fail tak boleh recover.. naya woo

Nak jana RSA CSR-Certificate Signing Request pon satu hal jugak. Cubalah korang try test snipet bawah ni. aku cuma nak tunjuk pasal nak tambah emailAddress tu je. Yang lain2 tu semua serupa saja. using (var DN = new X509Name())             {                 . . . Nak buat CSR pakai  X509Request { PublicKey = rsaKey, Subject = DN })                   kemudian signed dengan csr.Sign(rsaKey, MessageDigest) itu je

Seminggu pening aku dengan kaedah nak jana RSA privatekey/CSR/certificate guna OpenSSL atas web. sebelum ni aku pakai buat manual je.  kena bukak console/command prompt. akan jadi leceh bila ko berada jauh dari comp yang ada remote desktop. snippet (saja aku kasi tak lengkap supaya korang pikir bior jalan otak sket) ni utk nak jana RSA privatekey. tapi aku pakai OpenSSL.NET la. var iKeySize = int.Parse(ddl_ec_RSAPrivateKeyKeySize.SelectedValue); BigNumber bn = 0x10001; using (var rsa = new OpenSSL.Crypto.RSA()) { rsa.GenerateKeys(iKeySize, bn, null, null); txt_ec_RSAPrivateKey.Text = rsa.PrivateKeyAsPEM; }

kalau dah lepas pakai X509Certificate2, release le dari memory selepas dipakai. kalau buat sistem hi-speed dan loading certificate beribu-ribu kali, lama2 memory pon habis. cert.Reset(); //buang isi kandungan cert yang load tadi source:  https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.reset?redirectedfrom=MSDN&view=netframework-4.7.2

USEFUL OPENSSL ONE-LINERS As a follow up for the certificate authority posting, here are some (hopefully) useful openssl one-liners: # creating a key openssl genrsa -aes256 -out user.key 4096 # creating a certificate signing request openssl req -sha256 -new -key user.key -out user.csr # signing the certificate signing request with a certificate authority openssl ca -config ca.config -out user.crt -infiles user.csr # creating a self sigend certificate openssl req -sha256 -new -x509 -key user.key -out user.crt # verify if the ca.crt has really signed user.crt openssl verify -CAfile ca.crt user.crt # decrypting the key openssl rsa -in user.key -out user.key.decrypted # creating a pkcs#7 format certificate in DER format openssl crl2pkcs7 -nocrl -certfile user.crt -certfile ca.crt -outform DER -out user.p7c # creating a pkcs#12 format certificate (IIS) openssl pkcs12 -export -in user.crt -inkey user.key -out server.pkcs12 # checking the data of a key openssl rsa -noout...

ni satu lagi hal yang memeningkan aku 2 3 hari. apalah IIS ni, len kali habaq la hangpa dah tukar pasal IIS_IUSR. jenuh aku mencari solution sebab2 application tak mo jalan. apa raa. secara ringkasnya IIS kata: In earlier versions of IIS, a local account called IUSR_MachineName is created during installation. IIS used the IUSR_MachineName account by default whenever anonymous authentication was enabled. This was used by both the FTP and HTTP services. lepas tu dia kata lagi: In summary, IIS 7 and above offer the following: The IUSR built-in account replaces the IUSR_MachineName account. The IIS_IUSRS built-in group replaces the IIS_WPG group. alhamdulillah boleh jalan :D source: https://www.iis.net/learn/get-started/planning-for-security/understanding-built-in-user-and-group-accounts-in-iis