How TO Install GoDaddy Wild Card SSL Certificate

Posted on August 12, 2011 by deepak

This article presumes that you have already downloaded the wild card certificate after generating the private key and csr request.

GoDaddy gives you two files:

  1. gd_bundle.crt
  2. yourdomain.com.crt

Step 1.

change httpd.conf file to create a virtualhost for https at port 443 as following.

<VirtualHost xxx.xxx.xxx.xxx:443>
DocumentRoot "/home/path/web/root/folder"
ServerName subdomain.yourdomain.com:443
RewriteEngine On

SSLEngine on
SSLCertificateFile /home/path/to/yourdomain.com.crt
SSLCertificateKeyFile /home/path/to/privatekey.key
SSLCertificateChainFile /home/path/to/gd_bundle.crt
#SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
As we know above that wild card certificate secures multiple sub domain so use *.yourdomain.com:443, in your case replace * with your sub domain.
To use SSLEngine on you need to enable ssl module in apache. Use following command:
sudo a2enmod ssl

Step 2

Change .htaccess file as

RewriteEngine On

RewriteCond %{SERVER_PORT} 80

RewriteRule ^(.*)$ https://your.domain.com/$1 [R,L]

Above code chunk is used to redirect the traffic to https url. Restart your server. And it should work.

While copy pasting the code above please take care special characters (would be better if typed). would integrate a code highlighting plugin soon in my blog. Lazy me.

-deepak

Posted in Linux, developer | Tagged , , , , , | View Comments

scp command in linux to transfer files from one server to another

Posted on August 11, 2011 by deepak

To transfer your files from one server to another use following command set.

login to the server to which you have to copy the files(i.e. destination server)

scp user1@server1:/full/path/to/source/file .

Press enter it ll ask for the source server password.Provide the password and transfer should start right away.

DOT (.) at the end of the command indicates that files/folder will get copied to the present working directory otherwise a path to a destination folder can also be given.

Replace scp with pscp if on windows.

Posted in Linux, developer | Tagged , , | View Comments

How to implement self signed SSL certificate in websites

Posted on August 1, 2011 by deepak

Normal web traffic is sent unencrypted over the Internet. That is, anyone with access to the right tools can snoop all of that traffic. Obviously, this can lead to problems.The Secure Socket Layer(SSL) is used to encrypt the data stream between the web server and the web client (the browser).

Step 1: Generate a Private Key

The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus
…………………………………………………++++++
……..++++++
e is 65537 (0×10001)
Enter PEM pass phrase:
Verifying password – Enter PEM pass phrase:

Step 2: Generate a CSR (Certificate Signing Request)

Once the private key is generated a Certificate Signing Request can be generated. The CSR is then used in one of two ways. Ideally, the CSR will be sent to a Certificate Authority, such as Thawte or Verisign who will verify the identity of the requestor and issue a signed certificate. The second option is to self-sign the CSR, which will be demonstrated in the next section.

During the generation of the CSR, you will be prompted for several pieces of information. These are the X.509 attributes of the certificate. One of the prompts will be for “Common Name (e.g., YOUR name)”. It is important that this field be filled in with the fully qualified domain name of the server to be protected by SSL. The command to generate the CSR is as follows:

openssl req -new -key server.key -out server.csr

Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:Delhi
Locality Name (eg, city) [Newbury]: ABC City
Organization Name (eg, company) [My Company Ltd]: MyOrg
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server’s hostname) []:decentminddotcom
Email Address []:deepak at decentmind dot com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Step 3: Remove Passphrase from Key

One unfortunate side-effect of the pass-phrased private key is that Apache will ask for the pass-phrase each time the web server is started.

use the following command to remove the pass-phrase from the key:

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

The newly created server.key file has no more passphrase in it.

Step 4: Generating a Self-Signed Certificate

To generate a temporary certificate which is good for 365 days, issue the following command:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5: Installing the Private Key and Certificate

When Apache with mod_ssl is installed, it creates several directories in the Apache config directory. The location of this directory will differ depending on how Apache was compiled.

cp server.crt /usr/local/apache/conf/ssl.crt
cp server.key /usr/local/apache/conf/ssl.key

Step 6: Configuring SSL Enabled Virtual Hosts

SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \”%r\” %b”

Step 7: Restart Apache and Test

/etc/init.d/httpd stop
/etc/init.d/httpd stop

Now check the url with https://yourdomain.com

-deepak

Ref: http://www.akadia.com/services/ssh_test_certificate.html

Posted in General, Linux, Technology, security | Tagged , , | View Comments

Hi

Posted on July 17, 2011 by deepak

Friends I have been away from everything (work, sns, fun etc.) since last three months due to health reasons. I was just lying on my bed and did nothing as I was not able to move.

After 3 months I get to access internet and it feels awesome. Its still going to take 2-3 months to become normal.

Till then Good bye …

Posted in General | View Comments

I hate you Array()

Posted on April 7, 2011 by deepak

Dear Array(),

You are most frequently used data structure in any programming language and so use full for every developer.

But somehow I have developed a strong dislike for you. When ever I see you I feel like banging my head in wall made of rubber, neither the wall breaks nor it hurts but wastes lot of time. But still I use almost every where.

If I were to change anything in programming paradigm I would remove you. Why the hell are you so use full.

I know you wont leave me alone. F**** Y** Mr. Array().

-deepak

Posted in General | View Comments

Congratulations to Indian Cricket Team

Posted on April 2, 2011 by deepak

April 02, 2011 India wins the cricket world cup. What a day it was, I was watching cricket on TV with my friends. I enjoyed the moment a lot, its an unforgettable feeling.

India over comes all the odds & criticism and has shown world that they are true world champions.

Once again my heartly congratulation to Indian Cricket Team and the support staff.

-deepak

Posted in General, Gyan By Me, Sports | Tagged , , | View Comments

Mysqldump on linux

Posted on March 29, 2011 by deepak

Hi
I am storing few linux commands for my own reference.

1) create tar file

tar -cvf destination_folder_name source

v indicates verbose.

2) mysql dump / mysql back up
The most simple way is to issue this command:

mysqldump -u [user] -p [database_name] > [backupfile].dump

This command is going to ask you for the [user] password and then will create a script which later can be used to restore the data.Another way is to use the optimized way.

mysqldump --opt -u [user_name] -p [database_name] > [backup_file].dump

This command will use an optimized method, and will include in the script MySQL commands that will erase (drop) tables that already exists and create them again before populate the data inside.
Maybe the best way to run this command is to use the option of gzip the output file. (for obvious reasons)

mysqldump --opt -u [user_name] -p [database_name] | gzip > [backup_file].dump.gz

Once you have your backup file, you may want to restore it someday, this is the way to do it. (remember tu unzip your file, if zipped, before)

mysql [database_name] < [backup_file].dump

Remeber that you can run

man mysqldump

for more help.

I would keep adding more …

Posted in Linux, Technology, developer | Tagged , , , | View Comments

What do I do to be happy most?

Posted on February 22, 2011 by deepak

Well it has become a treasure hunt for me, when I am depressed I like doing following …

  • Look for inspiration
  • Get shower
  • start browsing some of my old projects/presentation/papers
  • sit alone and think of nothing
  • I start helping others, when not in a good mood (gives me feeling that I am worth something)
  • call my parents or to best friend and let everything out
  • And last but not the least I sleep when upset

Is there any thing else I can do , Oh yeah blog and force everyone to read :) . Most of the time I try to do some of these in such situations. Wish I could do more better things .

-deepak

Posted in General | View Comments

How to access symfony2 console?

Posted on February 8, 2011 by deepak

Hi All

The most awesome feature symfony framework provides is CLI interface. Symfony2 is also packed with same cool CLI.

Just put symfony2 sandbox to your root directory (i tried with ubuntu setup). Point to your sf2 project dir and type “php symfony app/console” and hit enter.

It should show you all the commands available for sf2.

NOTE: Don’t forget to give write permission to app/cache and app/log directories.

-deepak

Posted in symfony2 | Tagged , | View Comments

Few PHP 5.3 Presentations & RegX Cheat Sheet I Liked

Posted on January 20, 2011 by deepak

I happen to find these while reading/surfing, so thought of putting it here …. I would be adding more to this post …. stay tuned

regular-expressions-cheat-sheet-v2.pdf
Courtesy: [http://ebookchoice.net/php-5-3-awesome.html]

-deepak

Posted in Technology, cheatsheet, php | Tagged , , , | View Comments