Categories

iptables Rules

Block IP traffic from an specific IP or Network.

Block from an IP

iptables -A INPUT -s 11.22.33.44 -j DROP

If you want to block only on an specific NIC

iptables -A INPUT -s 11.22.33.44 -i eth0 -j DROP

Or an specific port

iptables -A INPUT -s 11.22.33.44 -p tcp -dport 22 -j DROP

Using […]

Forwarding Email to another host via Qmail

Today I needed to relay/forward all Email from one Server (Server A) to another Server (Server B). Server A is running Qmail (on CentOS). Server B is running company smartermail.

After googling and searching, I found a site teaches “forwarding Email to another host” using Qmail. I tried, as the article recommends setting up a […]

Resetting MySQL Root Password: Red Hat and CentOS

If you’ve forgotten your MySQL root password (or are involved with some nefarious activity), here is how you can reset that password on a Red Hat (RHEL) system or a CentOS system:

Stop MySQL:

root#  service mysqld stop

Start MySQL in safe mode:

root#  mysqld_safe –skip-grant-tables &

Log into MySQL as root:

[…]

7zip

zip is a nice, cross-platform compression software, similar in purpose to WinZip or GZip.  &zip can create and extract those .zip and .gz (and tar.gz) files, but it uses LZMA for its own native compression, which is a much more modern compression format.  (if you’re using .rar, please stop already).

  Use 7zip to create […]

Openssl Howto for Apache

 

Display Certificate Subject name in readable format

openssl x509 -in CERTIFICATE_FILE -noout -subject -nameopt multiline,-lname,-align

Top

To verify a certificate chain

openssl verify CERTIFICATE_FILE

 

The file CERTIFICATE_FILE contain the intermediate certificate first and the servers certificate.

Check your Certificate using the Certificate Check tool at the bottom of the page

Top

[…]

OpenSSL Commands to Convert SSL Certificates on Your Machine

Convert PEM to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

Convert PEM to P7B

openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer

Convert PEM to PFX

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

OpenSSL Convert DER

Convert DER to PEM

openssl x509 -inform der -in certificate.cer […]

Convert the PFX file for Apache

Run the following command using OPENSSL:

1. To export the Private key file from the .pfx fileopenssl pkcs12 -in filename.p12  -nocerts -out privatekey.key2. To export the Certificate file from the .pfx file openssl pkcs12 -in filename.p12 -clcerts -nokeys -out sslcert.crt

filename.p12 (is your existing IIS PFX file)privatekey.key (is your new exported private key file)ssl.crt

3. […]

How do I convert a .pfx to be used with an Apache server?

How do I convert my .pfx file to be used with an Apache server?

Answer:

The Apache server will require the following two files:

1 – Server.ker : the private key associated with the certificate2 – Server.crt :  the public SSL certificate issued by Entrust

Using Open SSL, you can extract the certificate and private […]

Convert an OpenSSL (Apache) SSL Certificate to a PKCS12 (Tomcat)

Convert the Key to a PKCS12 Key. This will prompt you for a password which you will need when you change the Tomcat configuration.

openssl pkcs12 -export -in /etc/apache2/ssl.crt/somedomain.com.crt -out somedomain.com.pkcs12 -name “somedomain.com” -inkey /etc/apache2/ssl.key/somedomain.com.com.key

Verify that the pkcs12 file contains your key. You should be able to see your certificate’s common name, and various […]