Encryption: How is a public key used to encrypt a string?

I am oversimplifying, but I understand that a public key is the product of two large prime numbers. In essence, as long as the private key is kept private, the owner knows something that the outside world does not know.

My question is how, in simple terms, you take a string or a number (such as a proposed symmetric key for a session) and you encrypt it with the public key, in such a way

a) the rest of the world with the public key can not (since they also have the public key) and

b) the owner with the private key can?  

Thank you.

██ 50% DISCOUNT ██ FOR LIFE !!! Cheapest web hosting with Lets Encrypt SSL, nginx, SSD, cPanel, MySQL

TrexHost.com, choose a secure, reliable and customer-friendly web hosting provider to boost your business.

50% discount on all shared hosting plans for the life of your hosting account when you choose the annual billing term.

All accounts are hosted in
– Fast dual processor servers
-Php 5.3, 5.4, 5.5, 5.6.7.0+
-c Panel
– Antivirus and antispam protection
– Hard Drives SD
– Powerful servers, extremely low CPU loads, high performance. Great customer support 24/7
-GD, Curl, Zend, Softaculous.

Shared web hosting TrexHost

Start package– (More information here!)
25GB bandwidth
-DiskSpace- 2GB
-Email accounts- 5
-Dominies- 1
-Canlante + Softaculous
– $ 1.29 per month or $ 7.74 / year after the 50% discount on the coupon
-Ordene here!

Economic package– (More information here!)
– Bandwidth – 100GB
-DiskSpace- 20GB
Unlimited email accounts
-Dominios- Unlimited
-Canlante + Softaculous
– $ 2.49 per month or $ 14.94 / year after the 50% discount on the coupon
-Ordene here!

Advanced package– (More information here!)
500GB bandwidth
-DiskSpace- 50GB
Unlimited email accounts
-Dominios- Unlimited
-Canlante + Softaculous
– $ 4.49 / month or $ 29.94 / YEAR, after the 50% discount on the coupon
-Ordene here!

Use the promotional code TREXHOST50 when you place an order to receive a 50% discount for life when you choose an annual billing cycle.

All our accounts are created on servers with dual processor, with SSDs.
TrexhostHost.comChoose a secure, reliable and customer-friendly web hosting provider to boost your business.

Add the Nginx configuration file and generate let's encrypt using php

I am offering a website creation service to my clients, where clients can also use their own domain name. On my server, I use Nginx, with Let & # 39; s Encrypt certificates.

Is there any way to create a new Nginx site configuration file using php, or something like that? Also, is it possible to install a certificate "Let's encrypt" in the new file added?

I hope this is possible, because I want the domain mapping process to be automatic. I already have the things I need, except the Nginx & Let's Encrypt stuff.

If someone does not understand me, here is an example:

  1. Someone fills in my form from your account. (I already have a form)
  2. My code (php) creates a new Nginx configuration file with your domain in it.
  3. My code (php) then generates and installs a new Let & # 39; s Encrypt certificate in the new configuration.
  4. Finally, the code (php) enables Nginx configuration. (With a symbolic link of sites available for enabled sites)

If someone has some codes or advice for me, I appreciate your response.

dual boot: how to encrypt the NTFS folder so that it is accessible from Linux and Windows

I have a dual-boot Ubuntu / Windows system with each operating system that has its own "private" partition and a common "shared" NTFS "data" partition between both systems.

I would like to encrypt one of the directories in the "data" partition so that it is still accessible from both systems.

Encrypt the content of the email – CPanel

I need to encrypt the content of the email sent by the cPanel users without sharing the passwords between the sender and receiver like Outlook.com.

looking for ideas for … | Read the rest of http://www.webhostingtalk.com/showthread.php?t=1769540&goto=newpost

Encrypt columns of SharePoint online lists

I am a bit of an expert in development but I have basic knowledge about SharePoint and Sharepoint Online.

I would like add an encryption thing to my list Sharepoint Online columns do it

  • possible to select if it should be
  • private (only the creator must be able to see the value deciphered)
  • based on roles (only people with a certain role should be able to see the deciphered value)
  • Public (everyone can see the value deciphered).

I understand that I need some type of customization to do this, so my question is:

  1. What is the best practice to encrypt list columns? Any built-in API function you can use?
  2. Is it even possible to add personalization to SharePoint Online? Please guide me where to start?

Is it possible to encrypt the message with the PUBLIC key and decipher it with the PUBLIC SAME PUBLIC? [on hold]

In asymmetric cryptography, is it possible to decrypt the message with the SAME PUBLIC key with which the message was encrypted? Or can the message encrypted with a public key CAN ONLY be decrypted with the associated private key?

CentOS 7 LAMP Server Tutorial Part 3: Let's Encrypt SSL




Welcome to the third installment of CentOS 7 LAMP Server Tutorial: Modernized and Explained series. This tutorial is based on the work done in Part 1 and Part 2, so if you have not reviewed them, this is a good time.

In this release, we will secure our new virtual host (lowend-tutorial.tld) ​​with an encrypted SSL certificate from Let. We will install WordPress in Part 4. It will be good to have an SSL certificate installed before installing WordPress.

We will see how the Encrypt SSL certificate is installed and how we can use the certificate. Let us begin!

If you are not familiar with Let's Encrypt, take a moment to visit their website at https://letsencrypt.org/. They are a Certification Authority that offers free SSL certificates to anyone who can prove that they own the domain for which they are trying to obtain an SSL certificate.

The way they do it is through the ACME protocol. You can read more about this on your site, but it works like this: a program on the server (we'll talk about Certbot in a moment) places a code inside a file at http: //lowend-tutorial.tld/somefilename. Then he tells the servers of Let's Encrypt where that file is, and they go looking for it. If the URL exists and loads the encoded message, they know that the request came from the real lowend-tutorial.tld server and they issue a certificate.

That means that http: //lowend-tutorial.tld must be a functioning website before Let's Encrypt issues a certificate. In the last installment we had a job site although it had no content. That will work well for this purpose. As mentioned, the program that controls all this is called Certbot. It's incredible software that makes this whole process seem incredibly simple. Let's install Certbot!

For CentOS 7 we need to install both Certbot and the python module that Certbot uses to integrate with Apache. Use the following command:

yum -y install certbot python2-certbot-apache

Before we can run Certbot and get an SSL certificate from Encrypt, we need to do a little more configuration. HTTPS (SSL) connections occur on port 443 (compared to port 80 for unsecure HTTP connections), so we must allow port 443 to pass through the firewall. Firewalld knows the association between port 443 and https, so we can only enable "https" in Firewalld. Paste the following commands:

firewall-cmd --zone = public --add-service = https --permanent
firewall-cmd - upload

Certbot is smart and knows that we are running the Apache web server, and besides, it is smart enough to know it. how We are running Apache. Actually read the configuration files and react accordingly. You will remember that we created a new Apache VirtualHost in /etc/httpd/sites-enabled/lowend-tutorial.tld.conf. This configuration file is responsible for mapping http: //lowend-tutorial.tld to / home / lowend / public_html and make PHP work.

The first line of /etc/httpd/sites-enabled/lowend-tutorial.tld.conf It looks like this:

This VirtualHost is specific to port 80. But SSL happens on port 443, so it will be necessary to have a new VirtualHost for port 443. What do we need to do to configure everything? Let Certbot do his magic! On the command line, run certbot with the following command:

certbot

You will have to answer some questions. If you want your website to be automatically redirected to https: // you can configure it here or you can do it manually later in the website settings. This is how it looked in our VPS:

If you look in / etc / httpd / sites-enabled, you will see a new file, lowend-tutorial.tld-le-ssl.conf. An exam will show that the VirtualHost directive defines a VirtualHost on port 443 and that the entire VirtualHost file is wrapped in tags At the bottom there are some new lines related to SSL certificates. Here are the additions and changes:






...
... omitting original content from VirtualHost for brevity
...
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/lowend-tutorial.cf/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/lowend-tutorial.cf/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/lowend-tutorial.cf/chain.pem

You can see how the configuration is SSL-specific. SSL configuration is loaded and routes to SSL certificate files are now included. Certbot did all this for us, and even restarted Apache to enact the changes. Thanks, Certbot!

Let's see if everything worked. Upload your site in a browser, then change the URL to https: //. I should still charge. If not, check ACME errors carefully and make sure that the site was originally loaded with http: //. Also make sure that DNS points to the server correctly. These things explain most of the errors.

Like most good things, Let & # 39; s Encrypt SSL certificates do not last forever. They last 90 days and need to be renewed. If we ask Certbot to run regularly, it will automatically renew any SSL certificate that is less than 29 days from expiration. For that, we're going to use a cron job.

Cron jobs are automated tasks that run on a schedule that we define. These schedules are made in a tabulated file called "crontab". Linux has a built-in function to modify crontabs, but it is based on the use of its own text editor. We prefer nano because of its ease of use vs vim (feel free to disagree, we do not care!) And so we will establish it as our editor before starting to edit things:

echo "export VISUAL = nano"

Since we want this to be the case every time we start session, we will go ahead and add it to /root/.bash_profile. the .bash_profile file is a script that runs every time your user logs in:

echo "export VISUAL = nano" >> ~ / .bash_profile

Now let's edit the crontab file and add a job that will run every 12 hours:

crontab -e

With nano open, paste the following

1 * / 12 * * * certbot renew

That entry tells cron to execute the "certbot renew" command in the first minute of every 12 hours of each day. If there is a certificate that needs to be renewed, it will renew it for us as long as ACME can verify the domain again.

And with that, we're finished. He just installed Certbot, which installed an Encrypt SSL certificate on his CentOS 7 LAMP server. For more information, see the official Let's Encrypt and Certbot documentation. They are a treasure trove of information, especially if you need to solve problems:

https://letsencrypt.org/
https://certbot.eff.org/docs/

In the next installment, we will install WordPress on our new LAMP server and learn to manage it without even leaving the command line. Stay tuned!




How to secure Apache with Let's Encrypt Ubuntu 16.04




In this tutorial, we will examine how to secure Apache with Let & # 39; s Encrypt for the Ubuntu operating system 16.04. First we will examine a general description of Let's Encrypt, the certification authorities and then we will analyze step by step the guide to install and configure Let's Encrypt on your Ubuntu 16.04 VPS servers and we will review how to automatically renew SSL certificates.

Let's encrypt is a free, automated and open Certification Authority (CA) that provides the ability to secure a website. Let's Encrypt also provides automation and tools to reduce the installation and maintenance challenges needed to protect web servers using HTTPS (SSL / TLS).


Let's Encrypt is free, easy to create, configure and renew certificates on web servers (like Apache).

Most administrators hosting web servers aim to attract new visitors and retain the attention of the end user, as this often translates into profits or a growing community of websites. People who host web servers also want to reduce maintenance and costs.

End users, on the other hand, are motivated to visit websites that are safe and do not compromise their security.

To satisfy both administrators and end users, a Certification Authority is used to validate the authenticity of the web server's domain name.

Traditional CA solutions (Certification Authorities) such as Verisign required domain owners to pay a fee for using CA services, this is no longer necessary when using Let's Encrypt. Let's encryption service is funded by sponsors and donors.


  1. The web server administrator creates a pair of private and public keys. Using the public key, the website administrator will create a CSR (certificate signing request) and then send the CSR to a Certification Authority.
  2. The Certification Authority signs the CSR and returns a final certificate that the administrator of the web server will install on his web server.
  3. The final certificate is signed by the private key of the Certificate Authorities and contains metadata about the administrator's web server.
  4. When a visitor to the website goes to the website, the visitor's browser will download the final certificate from the web server. The visitor's browser will contact the Certification Authority to ensure that the certificate downloaded from the website is valid.
  5. If the certification authority confirms that the certificate is authentic / valid, the website visitor will receive a green padlock in their browser in the URL box. This will notify the end user that the website is safe to visit.

  1. You must be the administrator of the domain name you want to protect; for this tutorial, we will use the DNS hostname "LetsEncryptTutorial.ddns.net.
  2. You need to have your public IP address.
  3. You must install the Apache web server if it is not already installed.

  1. Update the definitions of the Ubuntu apt repository package. Open a command-line terminal and type "apt-update" or if you are logged in as a non-root user, type "sudo apt update".

  1. To install Apache: "apt install apache2 -y" or "sudo apt install apache2 -y"

  1. Change to the directory named / var / www / html and make sure there is an index.html file in the directory.

  1. Optional but recommended: Edit the default title of index.html to be unique (for example, the Encrypt tutorial website) by adding the "Encrypt tutorial" to the body. NOTE: This is simply to help you confirm that the server is resolving and that it is not accessing the cached pages.

  1. If you use systemd for startup, restart Apache "systemctl restart apache2" or "sudo systemctl restart apache2" if you are using a non-root user. If you use init, run "service apache2 restart"

  1. Confirm that Apache is running correctly on your system. If you use systemd, use "systemctl status apache2" and if you use init use "service apache2 status"

  1. Confirm that the modified default Apache website is now available through a web browser

First, confirm that port 80 is open and running by going to the following URL:
http: //< apache_server_ip>: 80 (You should see your web page edited)

Next, confirm that the SSL port of the 443 web server is also open and running by going to the next one,
https: //: 443

NOTE: When the server resolves in a browser with port 443, an "Unencrypted" or "Not secure" error will appear in the address bar. It's okay.

Caution: Do not continue with the following steps if you can not successfully reach your Apache server on both ports 80 and 443. If the server does not resolve any of the ports, contact the network administrators to ensure that both ports are configured to allow the web traffic

Once we know that Apache is resolving correctly, we can move on to the next section of this tutorial.


  1. Install the common "apt-get install software-properties-common -y" tools if you logged in as the root user

  1. Add the apt component to install new repositories, by running: "add-apt-repository universe"

  1. Add certbot to the apt repository list "add-apt-repository ppa: certbot / certbot"

  1. Update suitable to detect the newly added repositories: "apt update"

  1. Install certbot to create and renew certificates using let's encryption: "apt-get install certbot python-certbot-apache -y"

  1. Run the certbot command to create SSL for your domain.

  1. Now visit https: // to verify that your new certificate is working correctly and that your website has a valid certificate. You will see a green padlock icon that confirms that a secure connection has been established with your Apache server. Click on the green padlock for details about the SSL certificate.


It is highly recommended to automate the renewal of your certificate to avoid the interruption of http traffic due to an expired SSL certificate. For example; On the Apache server you can create a cron job to renew the certificate every month on the 10th at 6:04 am using cron by typing "sudo crontab -e" and at the bottom add the following line (below) and save / exit .

4 6 10 * * certbot -apache -force-renewal renew -quiet


EOF




██ 50% DISCOUNT ██ FOR LIFE !!! Cheapest web hosting with Lets Encrypt SSL, nginx, SSD, cPanel, MySQL

TrexHost.com, choose a secure, reliable and customer-friendly web hosting provider to boost your business.

50% discount on all shared hosting plans for the life of your hosting account when you choose the annual billing term.

All accounts are hosted in
– Fast dual processor servers
-Php 5.3, 5.4, 5.5, 5.6.7.0+
-c Panel
– Antivirus and antispam protection
– Hard Drives SD
– Powerful servers, extremely low CPU loads, high performance. Great customer support 24/7
-GD, Curl, Zend, Softaculous.

Shared web hosting TrexHost

Start package– (More information here!)
25GB bandwidth
-DiskSpace- 2GB
-Email accounts- 5
-Dominies- 1
-Canlante + Softaculous
– $ 1.29 per month or $ 7.74 / year after the 50% discount on the coupon
-Ordene here!

Economic package– (More information here!)
– Bandwidth – 100GB
-DiskSpace- 20GB
Unlimited email accounts
-Dominios- Unlimited
-Canlante + Softaculous
– $ 2.49 per month or $ 14.94 / year after the 50% discount on the coupon
-Ordene here!

Advanced package– (More information here!)
500GB bandwidth
-DiskSpace- 50GB
Unlimited email accounts
-Dominios- Unlimited
-Canlante + Softaculous
– $ 4.49 / month or $ 29.94 / YEAR, after the 50% discount on the coupon
-Ordene here!

Use the promotional code TREXHOST50 when you place an order to receive a 50% discount for life when you choose an annual billing cycle.

All our accounts are created on servers with dual processor, with SSDs.
TrexhostHost.comChoose a secure, reliable and customer-friendly web hosting provider to boost your business.