Categories

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna, tincidunt vitae molestie nec, molestie at mi. Nulla nulla lorem, suscipit in posuere in, interdum non magna.

iptables Rules

Block IP traffic from an specific IP or Network.

Block from an IP

iptables -A INPUT -s 11.22.33.44 -j DROP

If you want to block only on an specific NIC

iptables -A INPUT -s 11.22.33.44 -i eth0 -j DROP

Or an specific port

iptables -A INPUT -s 11.22.33.44 -p tcp -dport 22 -j DROP

Using […]

Forwarding Email to another host via Qmail

Today I needed to relay/forward all Email from one Server (Server A) to another Server (Server B). Server A is running Qmail (on CentOS). Server B is running company smartermail.

After googling and searching, I found a site teaches “forwarding Email to another host” using Qmail. I tried, as the article recommends setting up a […]

Resetting MySQL Root Password: Red Hat and CentOS

If you’ve forgotten your MySQL root password (or are involved with some nefarious activity), here is how you can reset that password on a Red Hat (RHEL) system or a CentOS system:

Stop MySQL:

root#  service mysqld stop

Start MySQL in safe mode:

root#  mysqld_safe –skip-grant-tables &

Log into MySQL as root:

[…]

7zip

zip is a nice, cross-platform compression software, similar in purpose to WinZip or GZip.  &zip can create and extract those .zip and .gz (and tar.gz) files, but it uses LZMA for its own native compression, which is a much more modern compression format.  (if you’re using .rar, please stop already).

  Use 7zip to create […]

Openssl Howto for Apache

 

Display Certificate Subject name in readable format

openssl x509 -in CERTIFICATE_FILE -noout -subject -nameopt multiline,-lname,-align

Top

To verify a certificate chain

openssl verify CERTIFICATE_FILE

 

The file CERTIFICATE_FILE contain the intermediate certificate first and the servers certificate.

Check your Certificate using the Certificate Check tool at the bottom of the page

Top

[…]

OpenSSL Commands to Convert SSL Certificates on Your Machine

Convert PEM to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

Convert PEM to P7B

openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer

Convert PEM to PFX

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

OpenSSL Convert DER

Convert DER to PEM

openssl x509 -inform der -in certificate.cer […]

Convert the PFX file for Apache

Run the following command using OPENSSL:

1. To export the Private key file from the .pfx fileopenssl pkcs12 -in filename.p12  -nocerts -out privatekey.key2. To export the Certificate file from the .pfx file openssl pkcs12 -in filename.p12 -clcerts -nokeys -out sslcert.crt

filename.p12 (is your existing IIS PFX file)privatekey.key (is your new exported private key file)ssl.crt

3. […]

How do I convert a .pfx to be used with an Apache server?

How do I convert my .pfx file to be used with an Apache server?

Answer:

The Apache server will require the following two files:

1 – Server.ker : the private key associated with the certificate2 – Server.crt :  the public SSL certificate issued by Entrust

Using Open SSL, you can extract the certificate and private […]

Convert an OpenSSL (Apache) SSL Certificate to a PKCS12 (Tomcat)

Convert the Key to a PKCS12 Key. This will prompt you for a password which you will need when you change the Tomcat configuration.

openssl pkcs12 -export -in /etc/apache2/ssl.crt/somedomain.com.crt -out somedomain.com.pkcs12 -name “somedomain.com” -inkey /etc/apache2/ssl.key/somedomain.com.com.key

Verify that the pkcs12 file contains your key. You should be able to see your certificate’s common name, and various […]