Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

Create a .pfx/.p12 certificate file using OpenSSL

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt

Src: https://www.sslshopper.com/article-most-common-openssl-commands.html

Share

How to Install and Configure GitLab on Ubuntu 16.04

GitLab is an open source GIT repository manager based on Rails and developed by GitLab Inc. It is a web-based GIT repository manager that allows your team to work on code, track bugs and feature requests and to test and deploy applications. GitLab provides features like a wiki, issue tracking, code reviews, activity feeds and merge management. It is capable of hosting multiple projects.

GitLab is available in four editions:

  • Gitlab CE (Community Edition) – self-hosted, free and support from the Community forum.
  • Gitlab EE (Enterprise Edition) – self-hosted, paid app, comes with additional features.
  • GitLab.com – SaaS, free.
  • GitLab.io – Private GitLab instance managed by GitLab Inc.

In this tutorial, I will show you step-by-step how to install GitLab CE (Community Edition) on your own Ubuntu 16.04 Xenial Xerus server. In this tutorial, I will be using the ‘omnibus’ package provided by GitLab for easy installation.

What we will do:

  • Install Packages
  • Install GitLab
  • Configure GitLab URL
  • Generate SSL Let’s encrypt and DHPARAM Certificate
  • Enable Nginx HTTPS for GitLab
  • Configure UFW Firewall
  • Perform the GitLab Installation
  • Testing

Prerequisites

  • Ubuntu 16.04 Server – 64bit
  • Min RAM 2GB
  • Root Privileges

Step 1 – Install required Ubuntu Packages
The first step is to install the packages needed for the GitLab installation. Please log in to the server as root user and upddate the Ubuntu repository.

ssh root@GitLabServer
apt-get update

Now install the packages including curl for downloading the GitLab repository, ca-certificates, and postfix for the SMTP configuration. Install all packages with the apt command below.

sudo apt install curl openssh-server ca-certificates postfix

During postfix installation, you will be prompted about the configuration, select ‘Internet Site’. and then enter the server domain name that shall be used for sending an email. Continue reading “How to Install and Configure GitLab on Ubuntu 16.04” »

Share

Add a User To Group www-data ( Apache Group )

The procedure is as follows:

  • Open the terminal application.
  • Login to Ubuntu server using ssh.
  • Add a new user named foo to www-data group by running useradd -g www-data foo command.
  • Add an existing user bar to Apache’s www-data group on Ubuntu using usermod -a -G www-data bar command.
  • Verify new modification on Linux by using the id command.

Let us see all commands in details.

How to see a list of www-data members

To see list of all members of a group named www-data, run the following grep command on /etc/group file:

grep ^www-data /etc/group

Sample outputs:

www-data:x:33:

How do I add an existing user named vivek to group Apache group www-data? Continue reading “Add a User To Group www-data ( Apache Group )” »

Share

Install Laravel 5 Framework on Ubuntu 18.04 & 16.04

Below is the system requirements for the installation of latest Laravel application on your system.

PHP >= 7.2
OpenSSL PHP Extension
PDO PHP Extension
Mbstring PHP Extension
Tokenizer PHP Extension
XML PHP Extension
Ctype PHP Extension
JSON PHP Extension
BCMath PHP Extension

Step 1 – Install LAMP

To start with Laravel, we first need to set up a running LAMP server. If you have already running LAMP stack skip this step else use followings commands to set up the lamp on Ubuntu system.

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get install -y php7.2 php7.2-mcrypt php7.2-gd php7.2-mbstring php7.2-xml

Install PHP Mcrypt Extension & Install Apache2

sudo apt-get install apache2 libapache2-mod-php7.2

Install MySQL

sudo apt-get install mysql-server php7.2-mysql

Step 2 – Install Composer

The composer is required for installing Laravel dependencies. So use below commands to download and use as a command in our Continue reading “Install Laravel 5 Framework on Ubuntu 18.04 & 16.04” »

Share

Resizing a VirtualBox Virtual Hard Disk

Prerequisites
Before you start this procedure you’ll need to do the following.

  • Make sure you have the VBoxManage command-line tool installed on your host system.
  • Download the ISO for a GParted Live CD or else a Linux Live CD using a Linux distribution that includes the GParted partition editor utility.
  • IMPORTANT: If the virtual disk you want to resize is attached to a virtual machine with snapshots, you will need to delete these snapshots so that all disk state information is merged into the base virtual disk VDI file.
  • Resize the virtual disk (VirtualBox version 4.0+ only)
    If you are using VirtualBox version 4.0 or later, you can resize the logical capacity of a virtual disk using the VBoxManage modifyhd –resize command.

On the host system, run the following command:

cd /path/to/vbox/disks
VBoxManage modifyhd OldDisk.vdi –-resize 30000

where OldDisk.vdi is the filename of the virtual disk VDI file you want enlarge and 30000 is the new maximum size (in megabytes) of the virtual disk.

If your host OS is Windows, then the commands you need to enter at the Command Prompt will look more like the following. Continue reading “Resizing a VirtualBox Virtual Hard Disk” »

Share

How to Setup a Multi-Protocol VPN Server Using SoftEther

SoftEther VPN is one of the world’s most powerful and easy-to-use multi-protocol VPN software, made by the good folks at the University of Tsukuba, Japan. It runs on Windows, Linux, Mac, FreeBSD and Solaris and is freeware and open-source. You can use SoftEther for any personal or commercial use free of charge.

Step 1: Create a Virtual Server

First, you need to create a DigitalOcean Droplet. As mentioned in SoftEther’s website, SoftEther will work on almost every Linux distro with kernel v2.4 or above,; however it’s recommended to choose one of these distributions: CentOS, Fedora, or Red Hat Enterprise Linux.

Personally I have tried it on Ubuntu, CentOS and Fedora, both 32 and 64 bit editions, and it has worked perfectly.

Step 2: Update your Server Software

Using the command below, update and upgrade your server software packages to the latest version:

Debian / Ubuntu:

apt-get update && apt-get upgrade

CentOS / Fedora:

yum upgrade

Step 3: Download SoftEther

You can download the latest SoftEther server package for Linux from their website:

Download SoftEther

Unfortunately, there is no way of getting the latest version through package managers (or even using a single url) at the moment. Therefore you have to browse their website using a desktop browser to download the package. There are a couple of ways of dealing with this: First, browse their website on your own computer and then depending on your server configuration (OS, x86/x64, etc.) find the link to the appropriate package then use wget to download the package to your server. Alternatively, you can use a terminal based web browser such as lynx to browse the SoftEther website and download the right package. Continue reading “How to Setup a Multi-Protocol VPN Server Using SoftEther” »

Share

Archiving a large backup across multiple discs on Linux

We have two options (as we obviously don’t want to delete our data!)

  • Use a different backup medium
  • Split the backup across multiple volumes

Sometimes the former just isn’t appropriate, as much because of the cost of harddrives vs Optical Media (i.e. CD’s/DVD’s).

This short tutorial will explain how to create a single backup archive, and then split it across multiple CD’s/DVD’s.

In this tutorial, I want to backup to DVD (as my photo collection would require more than 40 CD’s).

So from BASH;

tar -cf Pictures_backup.tar Pictures/
split -d -b 4480m Pictures.backup.tar

This will then give you multiple files to burn to disc (each beginning with x). Burn these files with your favourite CD Burner. To restore the files, copy them all to one directory and then run the following Continue reading “Archiving a large backup across multiple discs on Linux” »

Share

Using NGinx to serve static files and Apache for dynamic

Apache is a great web-server, but it has a pretty heavy memory footprint. It can get quite restrictive quite quickly, especially if you’re on a system will limited resources (given how many people now run on a VPS, and the poor disk IO of these systems it’s all the more important – swapping is slow).

The way around it, is to configure your system to use NGinx as a reverse-proxy. Depending how many virtualhosts you have, you can make the changes almost completely transparently within about 10 minutes.

Pre-Requisites

First, we need to be able to install NGinx, which means setting up the EPEL repo (if you already have it enabled, skip this step)

CentOS 6.x

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Now that the repo is installed, we need to install NGinx

yum install nginx

Configuring NGinx

Now that NGinx is installed we need to create a VirtualHost (actually NGinx calls them Server Blocks) for each site we are hosting.

nano /etc/nginx/conf.d/virtual.conf
#Insert one of these for each of the virtualhosts you have configured in Apache
server {
listen 80;
root /path/to/site/root; 
index index.php index.html index.htm;
server_name www.yourdomain.com yourdomain.com;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}

location ~ /\.ht {
deny all;
}
}

This configuration tells NGinx to try and serve the requested file, but to pass the request onto Apache if it’s unable to do so. Requests for PHP files should be forwarded automatically. Apache will be told who requested the file in the ‘X-Forwarded-For’ header. Continue reading “Using NGinx to serve static files and Apache for dynamic” »

Share

Configuring Postfix to block outgoing mail to all but one domain

This is so simple to do, but I have to look it up every time I need it (not something that comes up regularly!);

When configuring a development server, you may find you have a need to ensure that emails will not be sent to any domain except those you explicitly permit (for example if you’re using real-world data to do some testing, do you want to send all those users irrelevant emails?).

This documentation details how to configure Postfix on a Linux server to disregard any mail sent to domains that are not explicitly permitted.

Don’t use IPTables

You could, of course, add two IPTables rules to the outgoing chain. The first of which would allow connections on Port 25 to the domain you wish to allow, the second blocking connection to any server on Port 25.

It’ll block the mail from being sent, but will mean that every one of those messages sits in the mail queue for 60 days until it’s disregarded. You could reconfigure the timeout, but given the ease of the steps below, what’s the point?

Use Transport Mapping

Using this method, we can tell Postfix to either reject the mail, or disregard it. The latter is generally the preferred method as we want the sending application to believe the mail has been sent. Continue reading “Configuring Postfix to block outgoing mail to all but one domain” »

Share

Install VirtualBox on Centos 6 / 7

Step 1 – Add Required Yum Repositories

Firstly you are required to add VirtualBox yum repository in your system. Download repository file from its official site and place it under at /etc/yum.repos.d/virtualbox.repo .First navigate to /etc/yum.repos.d/ directory and use one of below commands as per your operating system.

cd /etc/yum.repos.d/
wget http://download.virtualbox.org/virtualbox/rpm/rhel/virtualbox.repo

The CentOS and RedHat users also required to add EPEL yum repository using one of the following commands.

### On CentOS/RHEL 7 ### 
rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
### On CentOS/RHEL 6 ### 
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Step 2 – Install Required Packages

Before installing VirtualBox make sure to install all required packages to run VirtualBox like kernel-headers, kernel-devels etc. Use the following command to install the required packages. Continue reading “Install VirtualBox on Centos 6 / 7” »

Share