I want to integrate a payment service in my web application but the service provider needs a PCI Certificate for my web application as to see the current situation I'm thinking to move my server on AWS Amplify since AWS is a PCI DSS Compliant so if I host my web app do I get a separate PCI Certificate from AWS which I can show to the payment service provider for the payment integration.
I'm confused if I used AWS Amplify do AWS provide me a PCI Certificate for my web application. Please elaborate me regarding this.
Thanks
Related
We are evaluating mesibo for InApp messaging within our SaaS application. We would need OnPrem setup to comply to Data compliance requirements.
One clarity we would need on this regard is, when we switch from Cloud to Onprem setup still client side code continues to use https://mesibo.com url. In this case we believe all the traffic gets routed to our OnPrem server via Mesibo server.
Please confirm if this understanding is right? If so would there be any data residing on Mesibo server? This clarity is required for us to respond to our customers.
Thanks
No, once you enable On-premise, your client directly connects to your on-premise server. You can verify it using netstat utility. mesibo cloud will have no access to your data.
Refer to the following to learn more https://mesibo.com/documentation/faq/on-premise/#do-i-need-to-change-or-recompile-my-apps-to-run-with-mesibo-on-premise
Mesibo APIs support both cloud and on-premise. By default, it connects
to the cloud. However, if the app is configured to be on-premise, the
mesibo cloud will refuse to serve and will ask the client to connect
to an on-premise server, and will disconnect. Then onward, the client
will directly connect to the on-premise server and then all the
messages and calls will route to your mesibo on-premise server.
I want to implement in my project the Intel SGX remote attestation mecanisme.
this mecanisme requires the Service Provider and a IAS server.
My problem is: what is exactly a Service Provider, is it an ordinary server in which we install an API or something else.
How to configure this SP in order to implement remote attestation mecanisme.
Thank you.
You probably have in mind Intel's RA example:
(source: intel.com)
There are three different actors involved:
Client Application, who is a host to the enclave
Service Provider, who performs remote attestation on Client's behalf
Attestation Service (IAS, Intel Attestation Service), who is a trusted third party tasked with verifying the enclave
This example implements remote attestation in a client-server architecture where the Client Application acts as a client and the Service Provider acts as a server. So yes, the Service Provider could be an ordinary server that provides Client Application with some API.
This is a useful pattern if you intend to perform RA across many applications - but it's not required. You can implement RA algorithm in Client Application instead and talk to the Attestation Service directly.
I'm trying to implement transport level security for WCF services.
My application architecture is as follows:
WCF service is hosted as windows service in domainA.
Client is a WinForms application in DomainB.
Since it's a cross domain scenario, I have to use certificates for authenticating client and service so they can establish a secure connection.
My understanding is I need 3 certificates to achieve this:
Service certificate - authenticates the service to the client.
Should be installed in Local Machine --> Trusted Root Certificates store on a service machine.
Certificate authority - a certificate that can be used to issue user specific certificates. Where should this one be installed? Service or client machine?
User certificate.
Should be installed in Current User --> Trusted Root Certificate on a client machine.
I couldn't find any examples on the web that use certifcate authentication over tcp protocol.
I could only find https examples with services hosted in IIS.
Any reference to a tcp scenario is greatly appreciated.
Are my assumptions correct?
Where should I install the Certificate Authority certificate (item 2)?
Are there other, easier approaches besides using certificates to accomplish transport level security over tcp in a cross domain environments?
Thank you in advance.
If gateway server is installed in one server and api manager installed in another server and I have configured DAS in api manager server. Will my DAS server can collect statistics data from api manager server?
If you are using gateway manager or gateway worker profile then you need to enable below OSGI bundles in bundles.info for that profile
org.wso2.carbon.bam.service.data.publisher.stub,4.6.0,../plugins/org.wso2.carbon.bam.service.data.publisher.stub_4.6.0.jar,4,true
org.wso2.carbon.bam.service.data.publisher.ui,4.6.0,../plugins/org.wso2.carbon.bam.service.data.publisher.ui_4.6.0.jar,4,true
org.wso2.carbon.statistics,4.4.8,../plugins/org.wso2.carbon.statistics_4.4.8.jar,4,true
org.wso2.carbon.statistics.stub,4.4.8,../plugins/org.wso2.carbon.statistics.stub_4.4.8.jar,4,true
org.wso2.carbon.statistics.ui,4.4.8,../plugins/org.wso2.carbon.statistics.ui_4.4.8.jar,4,true
We are migrating from a dedicated server with a local virtual SMTP server to Windows Azure. As far as I can tell Windows Azure does not allow a local SMTP server to be setup in IIS. The SMTP Server option in the management console is missing. How would I setup an email relay so that I can have a .net web application send emails from a Windows Server 2012 virtual machine in Azure?
This is more like corollary to what #mcollier has stated. Given that you are already on Azure and you get 25,000 free emails (there are higher plans as well) with your subscription as well.
You can configure a Virtual SMTP server which relays to the sendgrid services. For the development perspective you will have the view of using your own SMTP server / service. Setting up a sendgrid based service is explained in this link.
I have used sendgrid earlier and my experience with this was amazing. As #mcollier has pointed out, using services like Sendgrid will give good chance of staying away from spam problem, if you try to setup and use the SMTP service of your own because of the reverse lookup etc.
PS: The above Virtual SMTP Server can be replaced with Amazon SES, which is equivalently a good service. Check out more info here.
First, assuming you're using a Windows Azure IaaS VM. Correct? If so, I think you need to enable that role/feature in Windows Server.
Second, why the need to send emails from that specific server? Would a service like SendGrid work? One problem people sometimes have with email servers in Windows Azure is the domain of your service (something.cloudapp.net) does not match your vanity domain when a reverse DNS lookup is performed. This could cause the email to be flagged as spam (since you don't technically own the sending domain, something.cloudapp.net).
I developed an direct relay application using the normal RFC email commands and lock that on my application, but strange that some test emails get delivered using the relay on windows AZURE VM, and all other mails are not getting any bounce response, and making a sense that every email is being delivering,
This is strange behaviour on azure vm.
so it means you can't send email using azure vm as a smtp mail server, if like to test then simply download promailer marketing manager from jsmtp.com