Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

Create a .pfx/.p12 certificate file using OpenSSL

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt



Mounting OCI bucket on CentOS 7 Linux

Install s3fs-fuse

In order to use this you have to enable EPEL Repository-

sudo yum install epel-release
sudo yum install s3fs-fuse
[opc@linux8 ~]$ sudo yum install s3fs-fuse
Last metadata expiration check: 0:00:41 ago on Sun 15 May 2022 05:40:13 PM CST.
Dependencies resolved.
Package Architecture Version Repository Size
s3fs-fuse x86_64 1.91-1.el8 ol8_developer_EPEL 273 k
Installing dependencies:
fuse x86_64 2.9.7-12.0.4.el8 ol8_baseos_latest 84 k
fuse-common x86_64 3.2.1-12.0.4.el8 ol8_baseos_latest 22 k

Transaction Summary
Install 3 Packages

Total download size: 379 k
Installed size: 856 k
Is this ok [y/N]: y
fuse-2.9.7-12.0.4.el8.x86_64 fuse-common-3.2.1-12.0.4.el8.x86_64 s3fs-fuse-1.91-1.el8.x86_64


Continue reading “Mounting OCI bucket on CentOS 7 Linux” »


Nginx Reverse Proxy with Sub Directory Mapping

Setup Note:

My web application has a sub-directory,, that I want to expose to the outside world as I’ve gotten half way there but I seem to be stuck. My requirements are as follows

  • Redirect the site from HTTP to HTTPS.
  • As I cannot edit the links the web application generates, I need to be able to accept requests from the client such as
  • Do not allow reverse proxy access to the root web application, or to any sub-directory other than and its children.

Continue reading “Nginx Reverse Proxy with Sub Directory Mapping” »


Rsync upload local files without replacing remote files

This is basically one way sync- use at your own risk and dry run before any production deployment.

Suppose you have a list of files on a remote host, some of which already exist locally. What you want is to transfer only those files that are not found locally. If you blindly run scp with wildcard, it would fetch all remote files (existing as well as non-existing files), and overwrite existing local files. You want to avoid this.

In another similar situation, you may want to upload local files to a remote site, but without replacing any remote files. 

Using rsync:

If the local and remote hosts have rsync installed, using rsync will be the easiest way to copy only new files over, since rsync is designed for incremental/differential backups. Continue reading “Rsync upload local files without replacing remote files” »


OpenVPN installer on CentOS 7

Server Requirement: Centos 7 x86_64


$ cd /tmp/ && yum install git -y && git clone && cd OpenVPN-AS-Unlimited/ && sed -i -e 's/\r$//' && chmod 755 && ./

Once installed go to-

login: openvpn
pass: <your_password_during_installation>

After first login, “Agree” to the terms.

Now go to Authentiction > General > Turn on PAM Continue reading “OpenVPN installer on CentOS 7” »


Postfix to allow Mail Relay from a Trusted IP

Make sure smtpd_recipient_restrictions has permit_mynetworks, something like this:

smtpd_recipient_restrictions = permit_mynetworks,<more>

This is the default, but if you have -o smtpd_recipient_restrictions=something on an smtpd line in then it will override setting.

A sample configuration that worked for me is as below-

smtp inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_sender=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o broken_sasl_auth_clients=yes

Install phpSysInfo on Debian/Ubuntu

Log into the Debian/Ubuntu device

Run the following commands in a terminal:# update repositories and install any available software updates

sudo apt update
sudo apt upgrade
# install Apache HTTPD
sudo apt install apache2
# install PHP components
sudo apt install php7.3 php7.3-xml
# download phpSysInfo
# extract
sudo unzip -d /var/www/html
# rename the extracted folder
sudo mv /var/www/html/phpsysinfo-3.3.2 /var/www/html/phpsysinfo
# make a copy of phpsysinfo.ini
sudo cp /var/www/html/phpsysinfo/ /var/www/html/phpsysinfo/phpsysinfo.ini
# set the owner of the new phpsysinfo directory to www-data
sudo chown -R www-data:www-data /var/www/html/phpsysinfo
sudo systemctl restart apache2

Open a web browser and navigate to http://DNSorIP/phpsysinfo


Oracle Linux 8: How To Access the GRUB

Reboot or start the instance.

After the console screen is blank, there is only one or two seconds to press <escape key>. Press it several times as quickly as possible.

If escape was pressed successfully, the Boot menu will be displayed, if not try again.

Note that it is possible that instead of the Boot menu, a BIOS is displayed:

In that case, navigate to “Continue”, press Enter followed by Escape.


How to unlock openvpn users

Go to /usr/local/openvpn_as/scripts/ directory with root privileges.

Reset all lockout policy lockouts now:

./sacli --key "vpn.server.lockout_policy.reset_time" --value "1" ConfigPut
./sacli start
sleep 2
./sacli --key "vpn.server.lockout_policy.reset_time" ConfigDel
./sacli start

Install ZFS on Ubuntu

Installing ZFS Filesystem on Ubuntu

We will be using the command line Terminal application for the installation of the ZFS filesystem. To launch the command line Terminal, use the Ctrl+Alt+T keyboard shortcut. Now to install the ZFS filesystem on Ubuntu, issue the following command in Terminal:

$ sudo apt install zfsutils-linux

When prompted for the password, provide the sudo password.

After running the above command, the system might ask for confirmation that if you want to continue the installation or not. Press y to continue; after that, the package will be installed on your system. To verify ZFS file system installation, issue the following command in Terminal:

$ which zfs

You will see the output similar to the following:

Creating the ZFS storage pool

After the installation is completed, we will now create a storage pool for our drives. Here are the steps to do so:

1. First, find out the names of the drives for the pool. Use the following command in Terminal to do so: Continue reading “Install ZFS on Ubuntu” »