Install fcitx to type sinhala unicode real time in ubuntu

Since Rsinglish developers asked to use fcitx instead of iBus here are some steps to install and config fcitx in linux environment. 

1. To install fcitx, fcitx-config and fcitx-m17n using apt-get simply enter following line in terminal 

 sudo apt-get install fcitx fcitx-config-gtk2 fcitx-m17n   

2. Set the input method for gtk/qt modules and xim programs by setting the environment variables. Open the /etc/environment file in your favourite text editor and add the following lines to the bottom.  

  export GTK_IM_MODULE=fcitx  
  export QT_IM_MODULE=fcitx  
  export XMODIFIERS="@im=fcitx"  

3. Restart the session and you can see the system tray icon of the fcitx. (if not add the startup script, the command as "fcitx")

4. Right click on the fcitx icon on the system tray and click Configure.

 

5.  In config window click on the small + sign on the bottom-left coner.

6. In the Add input method window uncheck the Only show current Language setting and search for singlish. Select Singlish(m17n) and click OK.

That's it. close the config window and try the input method. The default key combination for switching between the input methods is ctrl+Space. But you can change it using Globle Config tab in config window. Cheers.!

Reference : https://wiki.archlinux.org/index.php/fcitx#Using_FCITX_to_Input

3 commentsRead more

Install RSinglish-a real time sinhala unicode converter on linux

Update  : Developers of Rsinglish asked to use fcitx instead of m17n alone so this post is outdated, please refer to the next blog post to install fcitx and type Unicode realtime.
 
Real time Singlish is a real time unicode converter script for Sinhala. Here are few steps to follow in order to install it on Linux mint 16(Petra) and Ubuntu.

1. Install IBus and Ibus-m17n using following commands

 sudo apt-get install ibus  
 sudo apt-get install ibus-m17n  

2. Go to Language Support and click on Install/Remove Languages.

 

3.  Select Sinhala from the list and select Apply Changes

4. Select Keyboard input method system as IBus in Language Support and click Apply System wide button.

5. In control center go to Input Methods(or just search in the start menu), it will bring up a wizard. Activate Ibus daemon by proceeding through the wizard.

6. Ibus will start in your system tray now (The small  keyboard icon) if not use following command to start IBus.

 /usr/bin/ibus-daemon -d  

7. Go to IBus preference by right clicking the IBus icon at the system tray

 8.In the Input methods tab check the custermize active input methods and click on the drop-down menu. Click on show all input methods on the bottom of the drop-down list. Now select the sinhala; Sinhalese from the list and then Singlish(m17n). See the image below. After that click Add  button.

9. All set, restart the machine and left-click on the system tray IBus icon. (if it isn't there just run once and add the command listed in step 6 to Startup Applications). 

You can now select between Singlish and English. Form the preference of IBus you can configure a key combination for faster switching between the input methods.

Here's the letter-map

  Reference : 

[1] http://0xdeafc0de.wordpress.com/rsinglish/
[2] http://0xdeafc0de.wordpress.com/rsinglish/linux-rsinglish-installation/

P.S : Developers of Rsinglish asked to use fcitx instead of m17n alone so please refer to the next blog post to install fcitx

2 commentsRead more

Create self signed SSL certificates with crl/ocsp X509 Extensions using openssl

(image source : https://ssl.trustwave.com/support/support-how-ssl-works.php)

In order to test Ocsp/Crl validation we need to send the client request with ssl certificates that have information about CRL and OCSP. For that we can add authorityInfoAccess and crlDistributionPoints extensions to certificates. Here I'm using openssl tool on linux terminal to create required certificates.

what we need to create:

step 1. RSA key to root CA
step 2. Root CA certificate
step 3.  RSA key to subordinate(client)
step 4.  subordinate certificate
and then we can get the subordinate signed by root CA.

step 1
create 4096 long RSA key names ca.key

openssl genrsa -out ca.key 4096

step 2
create root CA using the generated key. Enter following line and provide information for your root CA that may be asked.

openssl req -new -x509 -days 1826 -key ca.key -out ca.crt 

step 3
create RSA key for subordinate

openssl genrsa -out ia.key 4096   

step 4

openssl req -new -key ia.key -out ia.csr

Ok. Now we have to add the required extension before giving Certificate Signing Request. First create a file named my.cnf with the following data.

authorityInfoAccess = OCSP;URI: http://ocsp.digicert.com
crlDistributionPoints=URI:http://crl3.digicert.com/ca3-g17.crl

Now we can execute following command with the extension of above created file.

openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt -extfile my.cnf

we have ia.crt certificate signed by ca.crt .

Next blog post will be about how to test the ocsp/crl verification at the transport listener using CURL.

resources :
http://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/
http://stackoverflow.com/questions/11966123/howto-create-a-certificate-using-openssl-including-a-crl-distribution-point/12023746#12023746

2 commentsRead more

WSO2 ESB OCSP/CRL Verification implementation in transport Listner

 (image source : http://support.f5.com/techdocs/home/bigip/manuals/bigip4_5/bigip4_5features/images/BIGip_OCSPa.gif)

During the SSL handshake a server invokes OCSP/CRL protocols to verify that the client’s X509 Certificate is not revoked by its issuer. Those protocols needs to make a http call to servers at CA in order to do the verification.  The responses include information about the revocation of the certificates. The SSL connection can’t be establish any further if the response indicate that the certificates are revoked. If not then the server can perform the SSL handshake.

In ESB 4.8.1 this feature is already implemented for transport sender. I have implemented it for the transport listener.

In order to enable this feature you have to add the following configuration to “Transport Ins (Listeners)”  section in axis2.xml file.

<parameter name="SSLVerifyClient">require</parameter>
            <!--supports optional|require or defaults to none -->
        <parameter name="CertificateRevocationVerifier" enable="true">
                <CacheSize>50</CacheSize>
                <!-- In minutes -->
                <CacheDelay>1</CacheDelay>
 </parameter>

There is automatically managed cache associated with both ocsp and crl verifications. 

Testing ocsp/crl validation by creating self signed certificates will be explained in next blog post.

No commentsRead more