How To Enable HTTPS For Grafana Using Existing LetsEncrypt Certificates

Author: , July 15th, 2020

How To Upgrade Certbot, Python and PIP on AWS Linux 1

Author: , May 6th, 2020

I ran letsencrypt-auto renew and got the following error:

The solution in this article gave me the answer:

Turns out Python was old at version 2.7, so did the following also:

Also had to change the cron job script to call certbot directly instead of letsencrypt-auto : vi /root/

How To Convert An RSA Private Key to PEM Format

Author: , January 10th, 2020

How To Fix Apache VirtualHost Overlap on Port 443 on AWS Linux

Author: , July 4th, 2016

If you get this error when starting Apache or via apachectl configtest: [warn] _default_ VirtualHost overlap on port 443, the first has precedence then you must add: NameVirtualHost *:443 to /etc/httpd/conf/httpd.conf, then restart Apache

OpenSSL Heartbleed Security Flaw Summary and Resources

Author: , April 8th, 2014

Summary TLS heartbeat read overrun (CVE-2014-0160) – A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. OpenSSL Versions Affected The 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1. OpenSSL 1.0.2-beta through 1.0.2-beta1 […]

How To Install A Network Solutions EV SSL Certificate On CentOS Apache 2

Author: , October 11th, 2011

Create the server key from your original private key by removing the pass-phase:

These are the files that NetSol provided me in the download .zip file (domain name changed to protect the innocent):

Network Solutions does not make it easy on you – in the install docs they tell you there is yet […]

Apache 2 SSL Hints

Author: , February 16th, 2011

yum install mod_ssl vim /etc/httpd/conf.d/ssl.conf If you got a sign certificate from Thawt, is may be in a signed bundle in PKCS #7 format. Look for this at the top: —–BEGIN PKCS #7 SIGNED DATA—– To extract the cert that you will need for Apache, run the following command: openssl pkcs7 -print_certs -in signed_bundle.pkcs7 Your […]

How To Enable TLS/SSL Encryption In Postfix (smtpd)

Author: , December 17th, 2010

Below info copied from Verify that the correct libraries have been linked in: # ldd /usr/libexec/postfix/smtpd You should see the following: smtpd: => /usr/local/lib/ (0x28096000) => /usr/local/lib/ (0x280aa000) => /usr/local/lib/ (0x280db000) If you see libsasl2, libssl, and libcrypto, congratulations — the server is ready to support SASL and TLS. Generate an […]

How To Fix NRPE “Could not complete SSL handshake” Error

Author: , December 13th, 2010

If you get this obnoxious error fron Nagios/NRPE: “CHECK_NRPE: Error – Could not complete SSL handshake” Make sure to comment out the following line in /etc/nagios/nrpe.cfg: #allowed_hosts= Use this to test on MacOSX: /opt/local/libexec/nagios/check_nrpe -H {IP}

How To Fix Webmin SSL Setup Errors

Author: , October 19th, 2010

I was getting this error:

Edit the file /etc/webmin/miniserv.conf and add: