Friday, December 31, 2010

Add SSL to CentOS 

1. #install ssl realted program
yum install mod_ssl openssl

 
2. # generate private key
openssl genrsa -out ca.key 1024 

3. # generae CSR from private key
openssl req -new -key ca.key -out ca.csr

4. # generate self assign certificate
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

5. # Copy file to appropiate location
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
 
6. #Edit Apache SSL configuration file
vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

 
7.#Edit following lines 
SSLCertificateFile /etc/pki/tls/certs/ca.crt

SSLCertificateKeyFile /etc/pki/tls/private/ca.key
 
8. #Restart Apache server
service httpd restart
 
9. #create directory for SSL virtual host
cd /var/www
mkdir html
cd /var
mkdir www-ssl
cd www-ssl
mkdir html

10. # To configure HTTPS over port 443 
vi /etc/httpd/conf.d/ssl.conf

11. # Example HTTPS  configuration

     SSLEngine on
     SSLCertificateFile /etc/pki/tls/certs/ca.crt
     SSLCertificateKeyFile /etc/pki/tls/private/ca.key
   
     AllowOverride All
   
     DocumentRoot /var/www-ssl/html
     ServerName FQDN of web server


12. #Restart Apache server

service httpd restart
 
13. #Put html file to /var/www-ssl/html
 
 
at No comments:
Labels:

Sunday, December 19, 2010

Add additional yum source in CentOS 

root@linuxbox ~]# wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-6.ius.el5.noarch.rpm
root@linuxbox ~]# wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm
root@linuxbox ~]# rpm -Uvh ius-release*.rpm epel-release*.rpm
 
yum install yum-plugin-replace
 
yum replace php --replace-with php53
at No comments:
Labels:

Tuesday, August 10, 2010

Add self issued certificate to iPad

Because iPad will not import self issued certificate same as iPhone does when set up an exchange email account. Therefore I used an alternative way to import certificate.
1. In a PC, open web browser and export the certificate to a file with extension .cer that coding is based 64 encoding. Give a meaningful name, e.g. exchange.cer
2. Send this file to a web mail account, I used gmail.
3. Open the email and tap on the attachment, iPad will pop up a window to install profile that is a certificate of the exchange server, click install, a warning will pop up, ignore it and continue by tap on "Install Now", and exit by tap "Done".
4. Setup exchange email account same as iPhone
at No comments:
Labels:
Subscribe to: Posts (Atom)

Prevent or Prohibit Server Drives From Being Visible to Users

  To make changes to this policy for one of the seven default values: Start the Microsoft Management Console. On the Console menu, click  Ad...