kuanhung c

 General speaking, when you want to apply SSL to web server, you will have below files in hand: private key for SSL certificate sign request  signed SSL certificate Root CA certificate  Intermediate CA certificate (optional) For importing a trusted certificate into JAVA keystore, I think create a new keystore and replace the original one seems like a good practice.  I believe you will know how to import Root CA and intermediate CA as trustcacerts into keystore. However, if you only import the signed SSL certificate without the private key, then the entry will treat as "TrustCertEntry" instead of a "PrivateKeyEntry". The tomcat server will start and listen to 443 but will refuse to serve connection. Therefore we need to use openssl to combine the signed SSL certificate and private key as PKCS12 format. Then import the PKCS12 format entry into the keystore. openssl pkcs12 -export -in FQDN.crt -inkey private-ssl.key -certfile  FQDN...

Angular 2 似乎不錯的樣子？ ECMAScript 6 的 class 和 Angular 2 語法的大改版 感覺似乎直覺多了... 從 Server Side 的 PHP Framework + jQuery 換成 Angular 2 的純 Frontend 可以真正擺脫後端做一套, 前端又要做半套 然後又難以測試的問題嗎? 或許 Angular 2 是一個值得投資時間關注的新方式? Angular 2 Preparation - Part 1 - Code Structure Comparison Free New Angular 2 Preparation Course An Angular2 Todo App: First look at App Development in Angular2 https://angular.io

CakeFest 2014 一些我覺得不錯的 Slide Share... MySQL Scaling Without Losing Your SAnity 遇到 scaling issue 的時候, 可以參考裡面提到比較常見的方式.. CakePHP and AJAX AJAX 這個蠻實用的...有提到怎麼在 cakephp 裡面測試 ajax Testing your app with Selenium on Travis CI 這個也挺有趣的...Travis CI + CakePHP + Selenium Effective debugging 這應該已經一次上完了整堂的前端/後端和腦端的 debug 課程.... Advanced Querying with CakePHP 3 CakePPH 3 的 ORM, query 更直覺了! Why You Can't Test   Keep Updating...

IIS 的 log file 有一些很有趣的東西。分別是 time filed 和最後的 time taken欄位。 如果有一筆record長成這樣: #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip sc-status sc-substatus sc-win32-status time-taken 2012-11-28 22:25:17 192.168.0.21 GET /Main.aspx - 80 AWalker 192.168.0.100 200 0 0 764 那麼 time filed 的 22:25:17 代表的是 request 送到 server 的時間嗎? time taken filed 的 764 則是代表 server 共花了 0.764 second 完成了這項 request，那要怎麼定義完成? server 送出就算了嗎? 我的答案是: 22:25:17 是 server 完成這筆 request 的時間。client 發出這筆 request 的 時間必需往前回推。 而 time taken 則會包括 client acknowledge 的時間，並不僅僅是 server 運算處理完畢的時間。 ref: what-does-the-time-field-in-the-log-indicate-exactly time-vs-time-taken-fields-in-iis-logging http://forums.iis.net/t/1188041.aspx

如果是由 EV (Extended Validation) CA 所簽發的 SSL Certificate, Chrome 會在 URL 列列出組織的名稱。像 GitHub 的這樣: 而一般 CA 所簽發的則沒有。像 FaceBook的: 就稽核管理的角度來看，EV CA有較嚴謹的限制: <quote wiki> Establish the legal identity as well as the operational and physical presence of website owner; Establish that the applicant is the domain name owner or has exclusive control over the domain name; and Confirm the identity and authority of the individuals acting for the website owner, and that documents pertaining to legal obligations are signed by an authorised officer. </wiki> 較有趣的一條是 EV CA不允許簽發 wildcared Extended Validation certificate。 REF: http://en.wikipedia.org/wiki/Extended_Validation_Certificate Guidelines for Extended Validation Certificates