Skip to content

Instantly share code, notes, and snippets.

View balenr's full-sized avatar

René van Balen balenr

2 followers · 14 following
View GitHub Profile
@balenr
balenr / settings.json
Created September 25, 2025 12:33
Windows Terminal Settings
{
"$help": "https://aka.ms/terminal-documentation",
"$schema": "https://aka.ms/terminal-profiles-schema",
"actions": [],
"compatibility.allowHeadless": true,
"copyFormatting": "none",
"copyOnSelect": false,
"defaultProfile": "{574e775e-4f2a-5b96-ac1e-a2962a402336}",
"keybindings":
[
@balenr
balenr / ssllabs-q4-2021.conf
Created December 21, 2022 13:51
SSL Labs Cipher Group Q4 2021
add ssl cipher SSL_Labs_Cipher_Group_Q4_2021
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.3-AES256-GCM-SHA384
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.3-AES128-GCM-SHA256
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.3-CHACHA20-POLY1305-SHA256
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.2-ECDHE-ECDSA-AES256-GCM-SHA384
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.2-ECDHE-ECDSA-AES128-GCM-SHA256
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.2-ECDHE-ECDSA-AES256-SHA384
bind ssl cipher SSL_Labs_Cipher_Group_Q4_2021 -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384
@balenr
balenr / .Xresources
Created March 1, 2020 20:14
Xresources
! Font options
! Resolution for Xft in dots per inch (e.g. 96)
Xft.dpi: 96
Xft.antialias: true
Xft.hinting: true
Xft.rgba: rgb
Xft.autohint: true
Xft.hintstyle: hintfull
Xft.lcdfilter: lcdfilter
@balenr
balenr / java_keystore.txt
Created February 6, 2019 14:27
Convert PFX to Java Keystore (jks)
Question: How do I move a certificate from IIS / PFX (.p12 file) to a JKS (Java KeyStore)?
Answer: Run the following command:
keytool -importkeystore -srckeystore pkcs12FileName.p12 -srcstoretype pkcs12 -destkeystore jksFileName.jks -deststoretype jks
@balenr
balenr / citrix_xml_tls.txt
Created February 6, 2019 12:51
Configure TLS on Citrix XML Broker Service
# Get appid for Citrix Broker Service in
HKEY_CLASSES_ROOT\Installer\Products
# Get certificate thumbprint
# Use netsh to configure TLS
netsh http add sslcert ipport=0.0.0.0:443 certhash=### appid={########-####-####-####-############}
@balenr
balenr / v3_req.cnf
Created October 1, 2018 18:57
OpenSSL CSR with Subject Alternative Names
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
@balenr
balenr / security-headers.conf
Last active April 17, 2018 13:28
NetScaler HTTP Security Headers
add rewrite action rwa_insert_XFrame_header insert_http_header X-Frame-Options "\"SAMEORIGIN\""
add rewrite action rwa_insert_XSS_header insert_http_header X-Xss-Protection "\"1; mode=block\""
add rewrite action rwa_insert_XContent_header insert_http_header X-Content-Type-Options "\"nosniff\""
add rewrite action rwa_insert_CSP_header insert_http_header Content-Security-Policy "\"frame-ancestors \'self\'\""
add rewrite action rwa_insert_REF_header insert_http_header Referrer-Policy "\"strict-origin-when-cross-origin\""
add rewrite action rwa_remove_XPOWER_header delete_http_header X-Powered-By
add rewrite action rwa_remove_SERVER_header delete_http_header Server
# only needed on NetScaler < 12.0
# on NetScaler 12.0+ you can use SSL settings or profiles to enable HSTS