Step by step method to create a SSL certificate for your websites

cd  /etc/apache2/ssl/client

Run following commands

openssl genrsa -des3 -out client.key 1024
openssl req -new -key client.key -out client.crs
openssl ca -in client.crs -cert ../ca/ca.crt -keyfile ../ca/ca.key -out client.crt
openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.p12



Importing Certs in Browser

Make sure to enter the password which was assigned during cert creation.

FireFox

1) Remove your current Certificates.
Firefox : Preferences > Advanced > Encryption > View Certificates > Your Certificates > Select Certificates and Delete.
2) Import : select client.p12 password: test123

Chrome

1) Remove your current Certificates.
   Chrome > Preferences > Under the Hood > Manage Certificates > Remove current one..and import the new one.
2) Import  select  Import : select client.p12 password: test123
 
No comments:
Labels: , , ,

How to troubleshoot IP conflicts between Servers / Systems

when we have ip conflicts between two Systems/Servers and you dont know what server ping is responding. Just give below command it requires nmap to be installed

nmap -sV -O -v ipaddress

From the below i found that the response is coming from Server1.demo.com and more to it we
can also see what operating system it is running and what are the open ports of that server.

root@naresh:/home/cp# nmap -sV -O -v 192.168.1.12


Starting Nmap 5.00 ( http://nmap.org ) at 2011-11-14 15:27 IST
NSE: Loaded 3 scripts for scanning.
Initiating ARP Ping Scan at 15:27
Scanning 192.168.1.12 [1 port]

Completed ARP Ping Scan at 15:27, 0.02s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:27
Completed Parallel DNS resolution of 1 host. at 15:27, 0.03s elapsed
Initiating SYN Stealth Scan at 15:27
Scanning 192.168.1.12 [1000 ports]
Discovered open port 3306/tcp on 192.168.1.12
Discovered open port 111/tcp on 192.168.1.12
Discovered open port 80/tcp on 192.168.1.12
Discovered open port 25/tcp on 192.168.1.12
Discovered open port 8080/tcp on 192.168.1.12
Discovered open port 53/tcp on 192.168.1.12
Discovered open port 443/tcp on 192.168.1.12
Discovered open port 8009/tcp on 192.168.1.12
Discovered open port 2049/tcp on 192.168.1.12

Completed SYN Stealth Scan at 15:27, 0.04s elapsed (1000 total ports)
Initiating Service scan at 15:27
Scanning 9 services on 192.168.1.12

Completed Service scan at 15:28, 46.06s elapsed (9 services on 1 host)
Initiating OS detection (try #1) against 192.168.1.12
NSE: Script scanning 192.168.1.12.
NSE: Script Scanning completed.
Host 192.168.1.12 is up (0.000088s latency).
Interesting ports on 192.168.1.12:

Not shown: 991 closed ports
PORT     STATE SERVICE    VERSION
25/tcp   open  smtp       Postfix smtpd
53/tcp   open  tcpwrapped
80/tcp   open  http       Apache httpd 2.2.12 ((Ubuntu))
111/tcp  open  rpcbind
443/tcp  open  ssl/http   Apache httpd 2.2.12 ((Ubuntu))
2049/tcp open  rpcbind
3306/tcp open  mysql      MySQL 5.1.37-1ubuntu5.5
8009/tcp open  ajp13?
8080/tcp open  http       Apache Tomcat/Coyote JSP engine 1.1
MAC Address: 00:25:90:62:4B:62 (Super Micro Computer)
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.24 - 2.6.28
Uptime guess: 0.113 days (since Mon Nov 14 12:45:28 2011)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=197 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Host:  Server1.demo.com
No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)