Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

Create a .pfx/.p12 certificate file using OpenSSL

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt

Src: https://www.sslshopper.com/article-most-common-openssl-commands.html

Share

PFSense SNMP Configuration

Open a browser software, enter the IP address of your Pfsense firewall and access web interface. In our example, the following URL was entered in the Browser:

https://192.168.15.11

The Pfsense web interface should be presented. After a successful login, you will be sent to the Pfsense Dashboard.

Access the Pfsense Services menu and select the SNMP option. Continue reading “PFSense SNMP Configuration” »

Share

Allow Ping on PFSense WAN interface

This article shows you how to allow ##ping## on the WAN side of your pfSense firewall. By default, ping to WAN address is disabled on pfSense for security reason. However, you may want to allow ping for different reasons, here is how:

# Login to pfSense
# Open Firewall > Rules.


# Change Interface to wAN.
# Change Protocol to ICMP. Continue reading “Allow Ping on PFSense WAN interface” »

Share

Install Percona Monitoring and Management using Docker

You can any distribution for installation- Rocky/Alma/CentoS 8 Stream. I assume you’ll use anyone of these instance.

Step 1: Add Docker Repository

Docker is not yet available on default repositories. Thankfully, an official repository has been provided by developers and we are going to add it first to the system. On your terminal, run the following command to add the Docker repository

$ sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Step 2: Install Docker in Rocky Linux/AlmaLinux

Moving on, we are going to install the Docker community edition which is freely available for download and use. But first, update the packages.

$ sudo dnf update

Next, run the command below to install Docker CE, the command-line interface (CLI), and other essential tools and dependencies. Continue reading “Install Percona Monitoring and Management using Docker” »

Share

VPNGATE from SoftEther Community

VPN Gate Academic Experiment Project is an online service as an academic research at Graduate School of University of Tsukuba, Japan. The purpose of this research is to expand the knowledge of “Global Distributed Public VPN Relay Servers” .

How does VPN Gate work?

  • VPN Gate network consists of many VPN servers, which are provided by volunteers around the world.
  • You can provide your own computer as a VPN server to join this experiment.
  • Windows, Mac, iPhone, iPad and Android are supported.
  • Supports SSL-VPN (SoftEther VPN) protocol, L2TP/IPsec protocol, OpenVPN protocol and Microsoft SSTP protocol.
  • Anonymous connections are accepted.
  • No user registrations are required.
  • Each VPN server has a dynamic IP address. Therefore it may change at random period.
  • VPN servers appear and disappear at any time. Therefore, an IP address may not always connect to a VPN server.
  • All VPN servers are capable of routing your traffic to the Internet, so you can disguise your real IP address.

So try it, read it on more details at: https://www.vpngate.net/en/

Share

SSH Key-Pair Authentication

Create Key-Pair by each user, so login with a common user on SSH Server Host and work like follows.

# create key-pair
debian@dlp:~$ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/debian/.ssh/id_rsa): # Enter or input changes if you want
Created directory '/home/debian/.ssh'.
Enter passphrase (empty for no passphrase): # set passphrase (if set no passphrase, Enter with empty)
Enter same passphrase again:
Your identification has been saved in /home/debian/.ssh/id_rsa
Your public key has been saved in /home/debian/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:H+lFm+3c93VekrLiFCYAwoWDUVs43s4JEze8wr8QzG8 debian@dlp.srv.world
The key's randomart image is:
.....
.....

debian@dlp:~$ll ~/.ssh

total 8
-rw------- 1 debian debian 2655 Aug 17 13:48 id_rsa
-rw-r--r-- 1 debian debian 574 Aug 17 13:48 id_rsa.pub
debian@dlp:~$mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys

Transfer the private key created on the Server to a Client, then it’s possible to login with Key-Pair authentication. Below is an example to connect from a linux shell. Continue reading “SSH Key-Pair Authentication” »

Share

Remove DNSCACHE from zimbra services.

If you will get a prompt stating something like “Port conflict detected: 53 (zimbra-dnscache)” with a prompt to hit ENTER to continue, you can just hit enter and let the installation/upgrade run out. Once everything is running, you will see that the Zimbra DnsCahe service is in a stopped state. To fix this error, all you have to do is

# zmcontrol status
# zmprov ms `zmhostname` -zimbraServiceEnabled dnscache
# zmprov ms `zmhostname` -zimbraServiceInstalled dnscache
# zmcontrol status

You will see that the service is removed from Zimbra’s Services.

[zimbra@mail root]$ zmcontrol status
Host mail.server.lan
amavis Running
antispam Running
antivirus Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
Share

Redirect all request to public/ folder in laravel 5

There are two solutions:

1. Using .htaccess with mod_rewrite

RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ public/$1 [L]

2. You can add a index.php file containing the following code and put it under your root Laravel folder (public_html folder).

<?php
header('Location: public/');

Src: https://stackoverflow.com/questions/38040502/how-do-you-redirect-all-request-to-public-folder-in-laravel-5

Share

Install MySQL 5.7 on CentOS 7

Preqrequsite:

It’s better to have installed development tools and disable NetworkManager for a produciton envrionment. You can optionally follow the steps-

Disabling NetworkManager:

systemctl stop NetworkManager
systemctl disable NetworkManager

Install Development Tools:

yum group install "Development Tools"

Remove MariaDB pre-installed libraries-

yum -y remove mariadb-libs

Enable MySQL Repository

First of all, You need to enable MySQL 5.7 community release yum repository on your system. The rpm packages for yum repository configuration are available on MySQL’s official website.

First of all, import the latest MySQL GPG key to your system.

sudo rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022

Now, use one of the below commands to configure the Yum repository as per your operating system version. Continue reading “Install MySQL 5.7 on CentOS 7” »

Share