In my last blog post, I laid the foundation in How TLS/SSL and X.509 really works. Here I will provide the practical part. How to generate private and public keys. How the create self-signed certificates and certificate chains. How do you get a certificate signed by a real certificate authority (CA). And how to integrate all this into an nginx web server and a self-developed Spring Boot server.

Had you anytime the necessity to create TLS secured communication between some servers. Did you play around until anything apparently seems to work, but without a real understanding of the things that are going on? Then is little blog post is for you. Here I will provide only the theoretical background that needs to be known, to understand what TLS really is, how it works and for what X.509 is used.

When an application is deployed on several Kubernetes pods such a pod is never accessed directly by the application clients. Normally a Service is used to group a set of pods and act as a single access point. Then incoming requests are load balanced between all pods. IP and port of a service are fix during its lifetime so the client does not need to care about the pods behind the service.

There are several of service types services for internal and for external client access. Unfortunately Kubernetes does not come with a service doing load balancing for external clients. The service type LoadBalancer only works when Kubernetes is used on a supported cloud provider (AWS, Google Kubernetes Engine etc.) and the underlying load balancing implementation of that provider is used. This blog post describes the different options we have doing load balancing with Kubernetes on a not supported cloud provider or on bare metal.

This guide describes how to install Linux Kernel-based Virtual Machine (KVM) on a Debian 9 host, create some virtual machines and install a Kubernetes cluster on them. In the end, we have a fully Kubernetes cluster running on a bare metal hardware at home.

This guide describes how to install and configure a router running OpenBSD on an apu2c4 board.

In my last blog post we wrote an Spring Boot application which provided some RESTful web services only callable by authenticated clients. Now we will create the client part in form of an Angular2 single page application. The only not secured web service on the server is the LoginRestController. We will call this web service with some credentials and if the authentication was successful, the web service will return an JSON Web Tokens (JWT). For all subsequent REST calls from our Angular2 app, this JWT needs to be provided. If the JWT is still valid, the server will interpret this calls as authenticated.

A full working example could be found at https://github.com/nerdcoding/angular2-spring-boot. This example consists of the Spring Boot server application and the Angular2 client described in this tutorial. You can ignore the server application if you are only interested in the client part.

In this tutorial we will secure the access to RESTful web services which should only be accessible for authenticated users. The securing and the authentication is done with Spring Security. Anymore we will implement a authentication mechanism generating JSON Web Tokens (JWT). They are used by the client to make authenticated calls to the secured web services.

A fully working example could be found at https://github.com/nerdcoding/angular2-spring-boot. This example consists of an Angular2 client application and the server application described in this tutorial. You can ignore the client application if you are only interested in the server part.

How to make your JavaEE 6 application unusable with the usage of docx4j and deployed on WebLogic 12.1.2.

In this tutorial we will implement a simple JavaEE 7 application with a single JPA entity and a EJB which uses that entity. We will write an integration test for this EJB which is executed with Arquillian and runs on a WebLogic application server. You can skip the long (and hopefully not too boring) explanation and directly clone a fully working example from https://github.com/nerdcoding/arquillian-on-weblogic.