aungkyawminn

TOTP RFC 6238 --- Simple Explanation and Implementation Guide

---

1. What is TOTP?

TOTP means:

Time‑Based One‑Time Password

aungkyawminn

Create Root CA (Done once)

Last update: Nov 2025.

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl ecparam -genkey -name secp384r1 | openssl ec -aes256 -out rootCA.key

aungkyawminn

Platform Fee Rules – Design & Implementation Guide

This document defines how platform fee rules work in the Eventickat system. It is intended for backend developers, frontend developers, and admins who manage pricing rules.

---

1. Purpose of Platform Fee Rules

Platform fee rules define how much commission the platform earns from ticket sales.

aungkyawminn

Settlement Feature - Implementation Guide

Project: Admin-Backend (Event Ticketing System)
Module: SettlementModule
Feature: Organizer Settlement Management
Implementation Date: December 26, 2025
Last Updated: December 27, 2025

---

aungkyawminn

Ticket Price Calculation – Reverse Pricing Model

This document explains how Eventickat calculates ticket prices using a reverse pricing model where organizers specify what they want to receive, and the system calculates what customers will pay.

---

1. The Core Concept

Traditional Pricing (NOT our approach)

aungkyawminn

On-Prem WSO2 Kubernetes Deployment (Free & Open-Source – Tanzu Alternative)

Overview

This document describes a production-grade, fully free and open-source architecture for deploying WSO2 (API Manager / Micro Integrator / IS) on on‑prem VMware infrastructure, without using VMware Tanzu.

This stack is widely used in banks and regulated environments and avoids vendor lock‑in.

aungkyawminn

Mutual TLS (mTLS) Authentication — General Overview

Mutual TLS (mTLS) is an extension of Transport Layer Security (TLS) where both client and server authenticate each other using X.509 digital certificates.
It provides a stronger trust model than standard TLS, where only the server presents a certificate.

mTLS is widely used across ecosystems such as:

• API Gateways (WSO2, Kong, Apigee, AWS API Gateway)
• Payment and Financial Networks (Visa VCAS, Mastercard MIP, banking integrations)
• Microservices and Service Meshes (Envoy, Istio, Linkerd, AWS App Mesh)
• Cloud and VPN Security (PrivateLink, Zero Trust Networks, Client VPNs)

aungkyawminn

Designing a Scalable and Cost-Efficient Kong Gateway Architecture on AWS

Using Amazon ECS and Aurora Serverless

---

1. Overview

This architecture demonstrates a Kong Gateway Hybrid Mode (Control Plane + Data Plane) deployment using AWS ECS (Fargate) and Aurora Serverless PostgreSQL, optimized for scalability, security, and cost efficiency.

aungkyawminn

🧩 WSO2 API Manager — Overview for Developers

WSO2 API Manager (APIM) is an open-source API management platform.
It helps organizations design, publish, secure, monitor, and manage APIs easily — whether for internal microservices or public developer portals.

---

🌍 What is API Management?

When multiple services or systems expose data through APIs, we need to:

aungkyawminn

Mobile Wallet — System Architecture Views

This document compiles five standard architecture views for the Mobile Wallet System:

1. Use Case View
2. Logical View
3. Process View
4. Development View (modular)
5. Physical View

---