Creating a self-signed SSL Certificate
Feb 17

For this you will need the openssl package.  First we want to start by generating a private key.

root@localhost# openssl genrsa -out www.mydomain.com.key 1024
Generating RSA private key, 1024 bit long modulus
………….++++++
………………..++++++
e is 65537 (0×10001)

Then, we need to generate the certificate request and fill in the appropriate information.  Make sure that the “Common Name” matches the domain you want to protect via SSL, so if you domain was www.mydomain.com, use that.  If you wanted to protect mydomain.com (without the www.) then use that.

root@localhost# openssl req -new -key www.mydomain.com.key -out www.mydomain.com.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) []:www.mydomain.com
Email Address []:email@mydomain.com

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Next, generate the self-signed certificate. You can specify the number of days the cert is valid for.

root@localhost# openssl x509 -req -days 365 -in www.mydomain.com.csr -signkey www.mydomain.com.key -out www.mydomain.com.crt
Signature ok
subject=/C=/ST=/L=/O=/CN=www.mydomain.com/emailAddress=email@mydomain.com
Getting Private key

Next, move the certificate and keyfile into apache’s SSL directory.

mv www.mydomain.com.key /etc/httpd/conf/ssl.key/
mv www.mydomain.com.crt /etc/httpd/conf/ssl.crt/

Finally, we configure our SSL virtual host in Apache.  The simplest way to do this is to copy the virtual host for the site you want to make SSL, then add/change the following bits.

<VirtualHost 192.168.1.100:443>

SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.key/www.mydomain.com.key
SSLCertificateKeyFile /etc/httpd/conf/ssl.crt/www.mydomain.com.crt

</VirtualHost>

Posted in linux, security | No Comments »
Search and Replace for multiple files
Feb 2

Here is a quick tip to help doing search and replace in multiple files.    You may need to change to fit your needs.

for file in `ls *.php`
do
sed -e ‘s/Copyright 2008/Copyright 2009/’ “$file” > tmp_file
mv -f tmp_file “$file”
done

What this does is get’s a list of all php files in the current directory, puts them in a loop with a variable called FILE, then does a sed search and replace calling the new file tmp_file and moving the temp file back in place.  If you wanted to do it for all files including in subdirectories, you could substitute:

ls *.php

with:

find ./ -name “*.php”

Posted in linux | 3 Comments »