• How to install and configure haproxy on Linux Ubuntu Debian


    haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx. haproxy is used by many large sites per Wikipedia: HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • How To Install python 3.4 3.5 and up on Linux with wine - Working Solution


    This is sure simple if you follow the guide but it took a lot of hacking around to make this work on Debian/Ubuntu! Now before you ask why bother running wine and python, the reason is because Python executables are NOT cross-platform. If you run pyinstaller in Linux, that binary will only run on Linux and the same if you do it in Windows. So it is preferable if you have a single environment that you can create Linux and Windows binaries from rather than running 2 separate........
  • Radeon R3 GPU on Debian Crashing


    Occasionally my whole screen locks up and I cannot even swith to the console and I find this in my syslog: *-display description: VGA compatible controller product: Mullins [Radeon R3 Graphics] vendor: Advanced Micro Devices, Inc. [AMD/ATI]  ........
  • Installing SSL Certificate with Chain Intermediary CA File


    Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!). In the Apache vhost conf for the domain here is what you add: SSLCACertificateFile /path/to/your/cafile.pem Here is a full example of an SSL Vhost config in Apache using a CA Certificate file ........
  • [Wed Sep 20 15:34:44 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Sep 20 15:34:44 2017] [error] Init: Unable to read server certificate from file /www/ssl-certs/server.crt [Wed Sep 20 15:34:44 2017] [error] SSL Library Err


    [Wed Sep 20 15:34:44 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Sep 20 15:34:44 2017] [error] Init: Unable to read server certificate from file /www/ssl-certs/server.crt [Wed Sep 20 15:34:44 2017] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Wed Sep 20 15:34:44 2017] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error........
  • [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution


    Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key How can you fix it and do it properly? Step 1.) Make a new Private KeyCreate server pass key:........
  • How to verify SSL SHA-1 Certificate Fingerprnit Signature of your mail/web server to avoid hijacking/man-in-the-middle attacks


    This is especially helpful if you run your own servers. If you are presented with an error message or warning that the signature has changed or does not match the IP/domain you are connecting to you always want to verify manually. So your e-mail/web client will show you an SHA-1 fingerprint like this: "Could not verify this certificate because the issuer is unkown" or other reasons such as a mismatch in IP/domain. It will also show you........
  • Unable to configure RSA server private key SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch


    [Tue Jun 23 02:05:52 2015] [error] Unable to configure RSA server private key [Tue Jun 23 02:05:52 2015] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch The above is an accurate description of what is wrong. In our case the client made a simple mistake of thinking the localhost.crt and localhost.key (default key locations for Apache SSL in Centos) were in the same directory but they we........
  • "Cannot load certificate file keys/server.crt: error:0906D06C:PEM" OpenVPN Solution


    Cannot load certificate file keys/server.crt: error:0906D06C:PEM The .crt is blank empty because when generating it I kept hitting enter for the defaults and this caused the crt not to be signed. Certificate is to be certified until Dec 18 00:35:49 2022 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y So if you get messages like these, a........
  • Error code: sec_error_unknown_issuer Solution Valid SSL Certificate Throwing Error in Firefox


    So you've just purchased your SSL cert, renewed it and installed it or maybe you've had it installed and working fine all the time with all other browsers but you've upgraded to a recent version of Firefox and suddenly get the warning "Error code: sec_error_unknown_issuer" error. This is terrible since if you bought an SSL cert, you are most likely using it for trust purposes for your business and obviously that message will scare away most potential customers.........
  • Dovecot Enable SSL/TLS with your certificate


    Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols) =================== Create Cert & Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key mkdir /etc/mailssl chmod 700 /etc/mailssl cp server.* /etc/mailssl Edit /etc/dovecot.conf ssl_cert_file = /etc/mailssl/server.crt s........
  • Postfix Enable SSL/TLS with your certificate


    Create Cert & Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key mkdir /etc/mailssl chmod 700 /etc/mailssl cp server.* /etc/mailssl Postfix SSL config Edit /etc/postfix/main.cf: #SSL stuff smtpd_tls_cert_file = /etc/mailssl/server.crt smtpd_tls_key_file = /etc/mailssl/server.key To make smtps w........
  • PHP CURL SSL won't work or connect


    I spent so much time debugging this, most sites don't tell you a very important option to use with CURL and you will only find out this is the problem by running the PHP script from the command line you get the following output that shows the issue (I don't see any way to get this output from Apache itself). * About to connect() to ip.ip.ip.ip port 25000 * Trying ip.ip.ip.ip... * connected * Connected to ip.ip.ip.ip (ip.ip.ip.ip) port 25000 * succes........
  • PHP cannot access /usr/bin/openssl


    PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist: [code:1:1fd0f3abbe] if (!file_exists($OPENSSL)) { //echo "ERROR: OPENSSL $OPENSSL not foundn"; }[/code:1:1fd0f3abbe] I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
  • /usr/bin/ld: cannot open crt1.o: No such file or directory


    /usr/bin/ld: cannot open crt1.o: No such file or directory[quote:812bec9db7]/usr/bin/ld: cannot open crt1.o: No such file or directory collect2: ld returned 1 exit status[/quote:812bec9db7] This is annoying and in my case it happened on Centos AMD 64 when compiling a 32bit program with GCC. Install glibc-devel.i386 (make sure you get the i386 version and not the native 64 bit version which is likely already installed). The joys of 3........
  • Create/Enable SSL Certificates for Apache on Linux/Unix Systems eg. Redhat,Centos,Debian


    Shortcut/Easiest Way To Create A Self-Signed Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below. If You Need a Real SSLCertificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
  • Latest Articles

  • How to resize a pdf without losing much quality in Linux Mint Ubuntu Debian Redhat Solution
  • qemu: could not load PC BIOS 'bios-256k.bin' solution
  • Proxmox How To Custom Partition During Install
  • Hyper-V Linux VM Boots to Black Screen, Storage, NIC Not Found Issues
  • Ubuntu Mint How to Fix Missing/Broken /dev and /dev/pts which causes terminal to immediately close exit and not work
  • How high can a Xeon CPU get?
  • bash fix PATH environment variable "command not found" solution
  • Ubuntu Linux Mint Debian Redhat Youtube Cannot Play HD or 4K videos, dropped frames or high CPU usage with Nvidia or AMD Driver
  • hostapd example configuration for high speed AC on 5GHz using WPA2
  • hostapd how to enable and use WPS to connect wireless devices like printers
  • Dell Server Workstation iDRAC Dead after Firmware Update Solution R720, R320, R730
  • Cloned VM/Server/Computer in Linux won't boot and goes to initramfs busybox Solution
  • How To Add Windows 7 8 10 11 to GRUB Boot List Dual Booting
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial
  • efibootmgr: option requires an argument -- 'd' efibootmgr version 15 grub-install.real: error: efibootmgr failed to register the boot entry: Operation not permitted.
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif
  • Linux Debian Mint Ubuntu Bridge br0 gets random IP
  • redis requirements
  • How to kill a docker swarm