Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

Create a .pfx/.p12 certificate file using OpenSSL

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt



Varnish sample vcl for rtmp / m3u8 stream

vcl 4.0;
import std;
backend default {
.host = "";
.port = "8090";
acl purge {
sub vcl_recv {
if(req.method == "PURGE"){
if (!client.ip ~ purge) {
return(synth(405,"Not allowed."));
return (purge);
return (hash);

sub vcl_backend_response {

if (bereq.url ~ "m3u8") {
# assuming chunks are 2 seconds long
set beresp.ttl = 1s;
set beresp.grace = 0s;
} else {
set beresp.ttl = 10m;
set beresp.grace = 5m;

Centos disk XFS xfs_repair

  1. During bootup, when the GRUB2 menu shows up, press the e key for edit
  2. Add the following parameter at the end of the linux16 line, after quiet:
  3. Press Ctrl+x to boot the system with the parameter.
  4. first find your device UUID in /dev/disk/by-uuid
  5. umount
    umount /dev/disk/by-uuid/198s5364-a29c-429e-b16d-e772acd
  6. repair
    xfs_repair /dev/disk/by-uuid/198s5364-a29c-429e-b16d-e772acd


sometimes you have to force it by deleting the log file

xfs_repair -L /dev/disk/by-uuid/198s5364-a29c-429e-b16d-e772acd

Install pfSense Qemu Guest Agent

Software Versions

The following software versions were used in this post.

  • pfSense Community Edition – 2.6.0
  • QEMU Guest Agent – 5.0.1

Install the qemu-guest-agent package.

pkg install -y qemu-guest-agent

Once installed, there is a note on how to setup the agent.

Modify your `/etc/rc.conf` by adding these settings

qemu_guest_agent_flags="-d -v -l /var/log/qemu-ga.log"

and run Continue reading “Install pfSense Qemu Guest Agent” »


Installing new fonts in Collabora

For the core MS fonts:

sudo apt-get install ttf-mscorefonts-installer

You may be asked to accept the license agreement, i was not asked.

They end up in /usr/share/fonts/truetype/msttcorefonts

Next is to install the clear types such as calibri

This is a bit different but can be done with the vista fonts installer script. Make sure you have the appropriate permissions.

Create a .font folder as the script needs that. Continue reading “Installing new fonts in Collabora” »


Install Collabora Online on Ubuntu 20 for Nextcloud

First, log in to your Ubuntu 20.04 server through SSH as the root user or any other user with sudo privileges:

ssh root@IP_Address -p Port_number

You will need to replace ‘IP_Address‘ and ‘Port_number‘ with your server’s respective IP address and SSH port number. Additionally, replace ‘root’ with the username of the system user with sudo privileges.

You can check whether you have the proper Debian version installed on your server with the following command:

$ lsb_release -a

You should get this output:

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

Before starting, you have to make sure that all Ubuntu OS packages installed on the server are up to date. You can do this by running the following commands: Continue reading “Install Collabora Online on Ubuntu 20 for Nextcloud” »


Install OnlyOffice 7 on Ubuntu 22

Install OnlyOffice Document Server on Ubuntu

OnlyOffice document server depends on PostgreSQL, Node.js, Redis Server, RabbitMQ server and Nginx. The following steps are tested on a Ubuntu 22.04 server but should also be applicable to Linux distributions in the Debian family.

Install PostgreSQL on Ubuntu

PostgreSQL is available from the default Ubuntu repository. The PostgreSQL team always strives to make performance improvements with every new version. Run the following commands to install the latest version of PostgreSQL from the repository.

echo "deb [signed-by=/etc/apt/keyrings/postgresql.asc] $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
sudo mkdir -p /etc/apt/keyrings/
wget --quiet -O - | sudo tee /etc/apt/keyrings/postgresql.asc
sudo apt update
sudo apt install -y postgresql postgresql-contrib postgresql-15 postgresql-client-15
sudo -i -u postgres psql -c "CREATE DATABASE onlyoffice;"
sudo -i -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
sudo -i -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"

Note: Both the username and password must be onlyoffice. Continue reading “Install OnlyOffice 7 on Ubuntu 22” »


Troubled with broken Unicode Bengali fonts on onlyoffice document server

I was observing an issue on using bengali unicode font on my nextcloud integrated onlyoffice server. After spening a lot hours over google- I found the following pieces of information-

I was using onlyoffice server version 6.2 and on which the bengali font gets obfuscated and broken.

After reading the post entry on this site- was now sure why it was troubling me. Someone said- “Version 7.2 support Bengali script. And a lot of new functionality with text shaping.” Gotcha!

Next, wanted to upgrade my current 6.2 to 7.3 (at the time I am writing). Followed this procedure with no luck- Continue reading “Troubled with broken Unicode Bengali fonts on onlyoffice document server” »


Install Apache2, PHP 7.2 and MariaDB 10.5 on Debian 11

First, update all the packages of the system by below-mentioned command:

sudo apt update

After updating packages, now install the dependencies required by the below-mentioned command:

sudo apt install software-properties-common ca-certificates lsb-release apt-transport-https

Enable SURY Repository

The following step is to integrate the SURY repository into our system. SURY is a Debian-based third-party PHP repository that bundles PHP software, run the following command to add SURY repository: Continue reading “Install Apache2, PHP 7.2 and MariaDB 10.5 on Debian 11” »


Configure Zimbra to use SendGrid as Smarthost

Switch to user Zimbra

su zimbra

Add credentials to relay_password file:

nano /opt/zimbra/conf/relay_password

Add: yourSendGridUsername:yourSendGridPassword

Apply configuration to Zimbra

postmap /opt/zimbra/conf/relay_password
postmap -q /opt/zimbra/conf/relay_password
zmprov ms `zmhostname` zimbraMtaSmtpSaslPasswordMaps lmdb:/opt/zimbra/conf/relay_password
zmprov ms `zmhostname` zimbraMtaSmtpSaslAuthEnable yes
zmprov ms `zmhostname` zimbraMtaSmtpCnameOverridesServername no
zmprov ms `zmhostname` zimbraMtaSmtpTlsSecurityLevel may
zmprov ms `zmhostname` zimbraMtaSmtpSaslSecurityOptions noanonymous
zmprov ms `zmhostname` zimbraMtaRelayHost

Now wait for a couple of minutes and start testing it by sending out some test mails. Follow the log file to see if it works or not:

tail -f /var/log/zimbra.log

Extreme slow internet speed pfsense over proxmox

For a qemu proxmox guest PFSense acts weriedly with the network speed- it gets extremely slow. So her goes the little tweaks that worked for me-

First, I chose Intel E1000 Interfaces instead VirtIO.

Second, in the PFSense webconsole-

In pfSense GUI, System > Advanced > Networking > Tick on-

  • Disable hardware checksum offload
  • Disable hardware TCP segmentation offload
  • Disable hardware large receive offload