Search This Blog
Tuesday, June 11, 2013
Public key types
1. OpenSSH key type
ssh-rsa AXCAB3NzaC1yc2EAAABAJQAAAIEAmGd3y/xJDjUeaJvFhRkcfpywWyrK3ZlR828E
jN4G0S0RsAgFiDnGGsYz5HuzZM1A+AabcswyMzhMoQDOKr99jLr/WbEdN2tZ8gN2
44C+LSXIAy3lCQgAWnYtOuAdBxmfcX3kQAH+ktejPd6GA1qAnPAHkv/+TaAawvAm
FbAA030=
2. OpenSSL PEM (Privacy Enhanced Mail) key type
-----BEGIN CERTIFICATE-----
QT8AG4baZYOizxdycd5tYazANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQG [...]
-----END CERTIFICATE-----
Convert private OpenSSL to public OpenSSH:
ssh-keygen -y -f company.com.key > company.com.pub
Convert OpenSSH to OpenSSL PEM:
ssh-keygen -f key.pub -e -m pem > key.pem.pub
3. Convert:-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----
to: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----
openssl rsa -in mykey.key -text > mykey.pem
4. Convert CSR to -----BEGIN PUBLIC KEY----- -----END PUBLIC KEY-----
openssl req -in brodline.com.csr -pubkey -noout
5. Issued certificate should be of a format:
-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
Sunday, June 9, 2013
Ubuntu TeamCity No suitable JDBC driver found for database type: MySQL
Due to licensing terms, TeamCity does not bundle driver jars for external databases. You will need to download the Java driver and put the appropriate jars (see below) from it into <TeamCity Data Directory>/lib/jdbc directory (create it if necessary).
apt-get install libmysql-java
cp /usr/share/java/mysql.jar ~/.BuildServer/lib/jdbc/
[2013-06-09 18:39:34,963] INFO - jetbrains.buildServer.STARTUP - Current stage: Checking the database
[2013-06-09 18:39:36,581] INFO - jetbrains.buildServer.STARTUP - Database contains no tables.
[2013-06-09 18:39:36,582] INFO - jetbrains.buildServer.STARTUP - Current stage: Database is empty or doesn't exist
-> Just login to TeamCity via WWW (127.0.0.1:8111) and open administration panel (giving authorization token). From there you can initialize new database.
apt-get install libmysql-java
cp /usr/share/java/mysql.jar ~/.BuildServer/lib/jdbc/
[2013-06-09 18:39:34,963] INFO - jetbrains.buildServer.STARTUP - Current stage: Checking the database
[2013-06-09 18:39:36,581] INFO - jetbrains.buildServer.STARTUP - Database contains no tables.
[2013-06-09 18:39:36,582] INFO - jetbrains.buildServer.STARTUP - Current stage: Database is empty or doesn't exist
-> Just login to TeamCity via WWW (127.0.0.1:8111) and open administration panel (giving authorization token). From there you can initialize new database.
Windows - set up SSL/HTTPS reverse proxy using Apache HTTPD; Wrap HTTP traffic in SSL tunnel layer on Windows
Our main goal is to secure traffic that would normally go in an unsecured HTTP channel with SSL tunnel. To do that you need to buy an SSL certificate - you need to have private as well as public key for that certificate.
To have a working reverse proxy you need to enable the following modules in Apache's http.config file.
mod_ssl - this module enables HTTPS connections, encrypting traffic between the Internet and the proxy server using SSL
mod_proxy - this module enables Apache to act as a forward or reverse proxy server
mod_proxy_http - this module enables HTTP connections between the proxy server and the RequisiteWeb server
mod_vhost - controls virtual hosts in Apache
Download Apache HTTPD (version with ssl_mod already built in): here
Modify httpd.config in the following manner:
Apache HTTPD config file along with sample certificates can be downloaded from here.
To have a working reverse proxy you need to enable the following modules in Apache's http.config file.
mod_ssl - this module enables HTTPS connections, encrypting traffic between the Internet and the proxy server using SSL
mod_proxy - this module enables Apache to act as a forward or reverse proxy server
mod_proxy_http - this module enables HTTP connections between the proxy server and the RequisiteWeb server
mod_vhost - controls virtual hosts in Apache
Download Apache HTTPD (version with ssl_mod already built in): here
Modify httpd.config in the following manner:
#Listen 80 - disable :80 listening port - it's not needed for
#reverse proxy
Listen 443
#=== MODULES IMPORTANT FOR SSL REVERSE PROXY ===
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
<VirtualHost *:443>
ServerName *.forcom.com.pl
ProxyRequests On
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
SSLProxyEngine On
ProxyPass / http://127.0.0.1:890/
ProxyPassReverse / http://127.0.0.1:890/
LogLevel info
ErrorLog "c:/ApacheLogs/ssl-proxy.log"
CustomLog "c:/ApacheLogs/ssl-proxy.log" combined
SSLEngine on
SSLProxyEngine On
SSLProtocol all
SSLCertificateFile "C:/cert/ssl/fcompany.pem"
SSLCertificateKeyFile "C:/cert/ssl/fcompanypriv.key"
</VirtualHost>
Apache HTTPD config file along with sample certificates can be downloaded from here.
Friday, June 7, 2013
Windows - set up SSL/HTTPS reverse proxy using NGINX; Wrap HTTP traffic in SSL tunnel layer
Our main goal is to secure traffic that would normally go in an unsecured HTTP channel with SSL tunnel. To do that you need to buy an SSL certificate - you need to have private as well as public key for that certificate.
This means that we want to call address: https://yourdomain.com and have that browser call transfered to our unsecured HTTP server WRAPPED in SSL tunnel.
First download NGINX Windows-1.4.1 from: http://nginx.org/en/download.html
(Remember to choose the stable version, as the Windows-1.5.1 crashes often on Windows XP SP3)
After successful installation of the nginx, you can start the balancer with:
start nginx
and shut it down with:
nginx -s stop
from the main directory of nginx (that's where nginx.exe resides).
The most important parts of the config file (nginx.conf) are:
listen 0.0.0.0:443;
First download NGINX Windows-1.4.1 from: http://nginx.org/en/download.html
(Remember to choose the stable version, as the Windows-1.5.1 crashes often on Windows XP SP3)
After successful installation of the nginx, you can start the balancer with:
start nginx
and shut it down with:
nginx -s stop
from the main directory of nginx (that's where nginx.exe resides).
The most important parts of the config file (nginx.conf) are:
listen 0.0.0.0:443;
ssl_certificate ssl/companypub.pem;
ssl_certificate_key ssl/companypriv.key;
proxy_pass http://127.0.0.1:80;
Both certificates are in PEM format. This configuration listens an all interfaces on port 443 and tunnels the traffic to its local HTTP server on port 80 (port 80 can be ignored in this case as it is the default port nginx would forward to).
You can download the configuration file along with sample certificate files here.
Thursday, June 6, 2013
Android ICS (4.0 and up) how to take screenshots straight from adb
Taking screenshots of the application you're developing has never been easier since Android 4.0.
If you have your device in debugging mode, just list the devices to see if the tablet/phone is visible:
adb devices
and then take screenshots in the following manner:
adb shell /system/bin/screencap -p /sdcard/screenshot_1.png
If you have your device in debugging mode, just list the devices to see if the tablet/phone is visible:
adb devices
and then take screenshots in the following manner:
adb shell /system/bin/screencap -p /sdcard/screenshot_1.png
Subscribe to:
Posts (Atom)