How To Convert An RSA Private Key to PEM Format

Author: , January 10th, 2020

How To Fix Apache VirtualHost Overlap on Port 443 on AWS Linux

Author: , July 4th, 2016

If you get this error when starting Apache or via apachectl configtest: [warn] _default_ VirtualHost overlap on port 443, the first has precedence then you must add: NameVirtualHost *:443 to /etc/httpd/conf/httpd.conf, then restart Apache

OpenSSL Heartbleed Security Flaw Summary and Resources

Author: , April 8th, 2014

Summary TLS heartbeat read overrun (CVE-2014-0160) – A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. OpenSSL Versions Affected The 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1. OpenSSL 1.0.2-beta through 1.0.2-beta1 […]

How To Install A Network Solutions EV SSL Certificate On CentOS Apache 2

Author: , October 11th, 2011

Create the server key from your original private key by removing the pass-phase:

These are the files that NetSol provided me in the download .zip file (domain name changed to protect the innocent):

Network Solutions does not make it easy on you – in the install docs they tell you there is yet […]

Apache 2 SSL Hints

Author: , February 16th, 2011

yum install mod_ssl vim /etc/httpd/conf.d/ssl.conf If you got a sign certificate from Thawt, is may be in a signed bundle in PKCS #7 format. Look for this at the top: —–BEGIN PKCS #7 SIGNED DATA—– To extract the cert that you will need for Apache, run the following command: openssl pkcs7 -print_certs -in signed_bundle.pkcs7 Your […]

How To Enable TLS/SSL Encryption In Postfix (smtpd)

Author: , December 17th, 2010

Below info copied from http://yocum.org/faqs/postfix-tls-sasl.html Verify that the correct libraries have been linked in: # ldd /usr/libexec/postfix/smtpd You should see the following: smtpd: libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x28096000) libssl.so.3 => /usr/local/lib/libssl.so.3 (0x280aa000) libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x280db000) If you see libsasl2, libssl, and libcrypto, congratulations — the server is ready to support SASL and TLS. Generate an […]

How To Fix NRPE “Could not complete SSL handshake” Error

Author: , December 13th, 2010

If you get this obnoxious error fron Nagios/NRPE: “CHECK_NRPE: Error – Could not complete SSL handshake” Make sure to comment out the following line in /etc/nagios/nrpe.cfg: #allowed_hosts=127.0.0.1 Use this to test on MacOSX: /opt/local/libexec/nagios/check_nrpe -H {IP}

How To Fix Webmin SSL Setup Errors

Author: , October 19th, 2010

I was getting this error:

Edit the file /etc/webmin/miniserv.conf and add:

Certifiable!

Author: , October 16th, 2009

Got the client’s web server to accept secure connections via SSL. I configured Apache httpd.conf properly so it used the right certificate file and it finally started working. I love lsof – what a great tool. Naomi just got home. Time for some TLC for her.

Looking for Authority…

Author: , October 16th, 2009

Need to find the client’s SSL cert – anyone seen it?