Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes



Install iRedmail on a CentOS 6.8 server

We need to set a FQDN hostname before we set up the mail server. On CentOS Linux, hostname is set in two files: Hostname setting:

nano /etc/sysconfig/network

# Part of file: /etc/sysconfig/network

Hostname <=> IP address mapping: /etc/hosts. WARNING: Please list the FQDN hostname as the first item.

# Part of file: /etc/hosts demo localhost localhost.localdomain

Verify the FQDN hostname with command ‘hostname -f’. If you change the hostname, please reboot the server to make it work. Continue reading “Install iRedmail on a CentOS 6.8 server” »


Install Mailtrain Bulk Mailer Application on CentOS 7

Metabase requires at least 1GB of RAM. All the required dependencies will be installed throughout the tutorial. You will need a minimal installation of CentOS 7 with root access on it. If you are logged in as a non-root user, you can run sudo -i to switch to root user.

Update Base System
Before installing any package it is recommended that you update the packages and repository using the following command.

yum -y update

Install Node.js
Node.js is required by Mailtrain as it is built using Nodemailer. Node.js is a very popular JavaScript runtime and Nodemailer is a module for Node.js applications to send emails.

Add Node.js 8.x repository:

curl --silent --location | sudo bash -

Install Node.js.

yum -y install nodejs

Install MariaDB
To store Mailtrain database we will need to install MariaDB. MariaDB is a fork of MySQL
Install MariaDB repository into your system. Continue reading “Install Mailtrain Bulk Mailer Application on CentOS 7” »


Install Mailtrain Mail Marketer Software on Ubuntu 16.04 – Auto Installation

Mailtrain is a self hosted newsletter application built on Node.js (v5+) and MySQL (v5.5+ or MariaDB). Mailtrain supports subscriber list management, list segmentation, custom fields, email templates, large CSV list import files, etc.


  • Nodejs v5+
  • MySQL v5.5 or MariaDB
  • Redis (optional, disabled by default, used only for session storage)

Automatic installation on Ubuntu 16.04
You can download and run in your blank Ubuntu VPS to set up. Mailtrain and all required dependencies (including MySQL). The installation script assumes a somewhat blank server, so if this is a machine you are already using for something else, you might want to skip the automatic install and proceed manually.

If you like living on the edge and feel adventurous you can run the installation script directly from your command line as root:

curl | sudo bash

Install script installs and sets up the following:

  • Node.js (version 6.x)
  • MariaDB (the default version from apt-get)
  • Mailtrain (from the master branch) on port 80
  • UFW firewall that blocks everything besides ports 22, 25, 80, 443
  • ZoneMTA to queue and deliver messages (NB! using ZoneMTA assumes that outgoing port 25 is open which might not be the case on some hosts like on the Google Cloud)Redis server for session cache
  • logrotate to rotate Mailtrain log files
  • upstart or systemd init script to automatically start and manage Mailtrain process

After the install script has finished and you see a success message then you should have a Mailtrain instance running at

Next steps after installation

1. Change admin password
Navigate to where is the address of your server. Click on the Sign In link in the right top corner of the page. Authenticate with the following credentials:

Username: admin
Password: test
Once authenticated, click on your username in the right top corner of the page and select “Account”. Now you should be able to change your default password.

2. Update page configuration
If signed in navigate to and check that all email addresses and domain names are correct. Mailtrain default installation comes bundled with ZoneMTA, so you should be able to send out messages right away. ZoneMTA even handles a lot of bounces (not all kind of bounces though) automatically so you do not have to change anything in the SMTP settings to get going.

3. Set up SPF
If you are using the bundled ZoneMTA then you need to add your Mailtrain host to the SPF DNS record of your sending domain. So if you are sending messages as “” then the domain “” should have a SPF DNS record that points to the IP address or hostname of your Mailtrain host. Everything should work without the SPF record but setting it up correctly improves the deliverability a lot.

4. Set up DKIM
If you are using the bundled ZoneMTA then you can provide a DKIM key to sign all outgoing messages. You can provide the DKIM private key in Mailtrain Settings page. This key is only used by ZoneMTA, so if you are using some other provider then you check your providers’ documentation to see how to set up DKIM. In case of ZoneMTA you only need to open Mailtrain Settings page, scroll to DKIM config section and fill the fields for DKIM selector and DKIM private key. Everything should work without the DKIM signatures but setting it up correctly improves the deliverability a lot.

5. Set up VERP
The bundled ZoneMTA can already handle a large amount of bounces if you use it to deliver messages but not all – namely such bounces that happen after the recipient MX accepts the message for local delivery. This might happen for example when a user exists, so the MX accepts the message but the quota for that user is checked only when actually storing the message to users’ mailbox. Then a bounce message is generated and sent to the original sender which in your case is the mail address you are sending your list messages from. You can catch these messages and mark such recipients manually as bounced but alternatively you can set up a VERP based bounce handler that does this automatically. In this case the sender on the message envelope would not be your actual address but a rewritten bounce address that points to your Mailtrain installation.

To set it up you need to create an additonal DNS MX entry for a bounce domain, eg “” if you are sending from “”. This entry should point to your Mailtrain server IP address. Next you should enable the VERP handling in Mailtrain Settings page.

As ZoneMTA uses envelope sender as the default for DKIM addresses, then if using VERP you need to set up DKIM to your bounce domain instead of sender domain and also store the DKIM key as “bouncedomain.selector.pem” in the ZoneMTA key folder.
If you do not use VERP with ZoneMTA then you should get notified most of the bounces so everything should mostly work without it

6. Set up proper PTR record
If you are using the bundled ZoneMTA then you should make sure you are using a proper PTR record for your server. For example if you use DigitalOcean then PTR is set automatically (it’s the droplet name, so make sure your droplet name is the same as the domain name you are running Mailtrain from). If you use AWS then you can request setting up PTR records using this form (requires authentication). Otherwise you would have to check from your service provider, hot to get the PTR record changed. Everything should work without the PTR record but setting it up correctly improves the deliverability a lot.

7. Ready to send!
With proper SPF, DKIM and PTR records (DMARC wouldn’t hurt either) I got perfect 10/10 score out from MailTester when sending a campaign message to a MailTester test address. I did not have VERP turned on, so the sender address matched return path address.



Librenms Tidbits

To identify and see what’s wrong with the NMS, run and check the problem by issuing-


If RRD files not being updated in rrd folder, check-

./poller.php -h HOSTNAME -d -f -m os

Reset LibreNMS by dropping database-

DROP DATABASE `librenms`;
php build-base.php

Admin password reset (or create new admin user in case you’ve forgotten the existing user)-

./adduser.php <USERNAME> <PASSWORD> 10

If receiving such error while installing Librenms, run-

./scripts/composer_wrapper.php install --no-dev

If you’re having poller issue (assuming cron fails), run-




Install Librenms on Ubuntu 16.04

The first step we must do for installing LibreNMS Monitoring Tools is to install some packages needed on the server. Connect to your server and update the repository.

ssh root@hakase-labs-server
sudo apt update

Install all the required packages for LibreNMS from the Ubuntu repository using the following command.

apt-get install fping imagemagick whois mtr-tiny nmap python-mysqldb snmpd  rrdtool git snmp graphviz python lsb snmp

After the installation is complete, goto the next step.

Install Nginx Webserver
In this tutorial, we will be running LibreNMS under the Nginx web server. Nginx is powerful web server that’s available in the Ubuntu repositories.

Install nginx using apt command from the repository in the following way.

apt install nginx

When it’s done, start the service and enable it to run automatically every time at system boot.

systemctl start nginx
systemctl enable nginx

Nginx web server is running under the default port 80. We can check the port using the netstat command, and check Nginx using curl command to get the HTTP status code, as shown below.

netstat -plntu | grep 80
curl -I localhost

Nginx installation has been completed. Continue reading “Install Librenms on Ubuntu 16.04” »


Install Varnish on Debian 8

We are going to install the latest version of varnish which is 5.2 at the time of writing. In order to install the latest version, we have to download the source and compile it.  You have to install some dependencies to compile the Varnish:

apt-get install make automake autotools-dev libedit-dev libjemalloc-dev libncurses-dev libpcre3-dev libtool pkg-config python-docutils python-sphinx

Now you can download the Varnish from the repository:


You can also download and install other release from here:

Extract the “tar.gz” file with the command below:

tar xvzf varnish-5.*.tar.gz

Switch to the extracted directory and start compiling: Continue reading “Install Varnish on Debian 8” »


Windows 10 Saving Spotlight Images

The most aesthetic part of windows 10 is the spotlight images on login screen. Few of them were really too mind blowing that I wanted to save and keep it as a wallpaper! So, here’s the hack on how to do it-

Navigate to the following folder (or just copy the path below and paste it into the File Explorer address bar):


Note that the %userprofile% part of that path automatically jumps you to the user folder for the currently logged in user (by default at C:\Users\<username> ). In the folder, you’re going to see a whole bunch of files with long, meaningless file names and no extensions. Some of these are the image files you’re looking for; many are not.

Continue reading “Windows 10 Saving Spotlight Images” »


Apache Virtual Hosts on Debian 8

Step 1 — Creating the Directory Structure

The first step that we are going to take is to make a directory structure that will hold the site data that we will be serving to visitors.

Our document root, the top-level directory that Apache looks at to find content to serve, will be set to individual directories under the /var/www directory. We will create a directory for each of the virtual hosts we’ll configure.

Within each of these directories, we’ll create a folder called public_html that will hold the web pages we want to serve. This gives us a little more flexibility in how we deploy more complex web applications in the future; the public_html folder will hold web content we want to serve, and the parent folder can hold scripts or application code to support web content.

Create the directories using the following commands:

sudo mkdir -p /var/www/
sudo mkdir -p /var/www/

Since we created the directories with sudo, they are owned by our root user. If we want our regular user to be able to modify files in our web directories, we change the ownership, like this: Continue reading “Apache Virtual Hosts on Debian 8” »


Build NFS Server on CentOS 7

As the first step, we will install these packages on the CentOS server with yum:

yum install nfs-utils

Now create the directory that will be shared by NFS:

mkdir /var/nfsshare

Change the permissions of the folder as follows:

chmod -R 755 /var/nfsshare
chown nfsnobody:nfsnobody /var/nfsshare

We use /var/nfsshare as shared folder, if we use another drive such as the /home directory, then the permission chnges will cause a massive permissions problem and ruin the whole hierarchy. So in case we want to share the /home directory then permissions must not be changed. Next, we need to start the services and enable them to be started at boot time.  Continue reading “Build NFS Server on CentOS 7” »


Install webmin in Centos 7

Step 1 — Installing Webmin

First, we need to add the Webmin repository so that we can easily install and update Webmin using our package manager. We do this by adding a new file called /etc/yum.repos.d/webmin.repo that contains information about the new repository.

Create and open this new file using your text editor:

sudo vi /etc/yum.repos.d/webmin.repo

Then add these lines to the file to define the new repository:

name=Webmin Distribution Neutral

Save the file and exit the editor. Next, add the Webmin author’s PGP key so that your system will trust the new repository: Continue reading “Install webmin in Centos 7” »