Installing SSL Certificate on Apache2.2 installed on Windows 2003 Server

This guide assumes that you have already installed Apache2.2 and OpenSSL on your server.

Once you have gotten the certificate file back from your CA, you will want to rename the certificate file to your commonname.cert.

You will then go to:

C:\Program Files\Apache Foundation Software\Apache2.2\conf

and create a directory called ‘ssl’. Then go into the directory:

C:\Program Files\Apache Foundation Software\Apache2.2\conf\ssl

Copy your *.key file and *.cert file into this directory. We then have to make changes to the httpd.conf file. You will need to add a few lines. The first will go towards the bottom of the configuration file before any or entries. The lines are:



Include conf/ssl.conf

Then you will want to browse to:

C:\Program Files\Apache Foundation Software\Apache2.2\conf\extra

and locate the httpd-ssl.conf file. Copy this into your:

C:\Program Files\Apache Foundation Software\Apache2.2\conf

directory and rename this to ssl.conf. In both the httpd.conf and ssl.conf, locate the lines:

ServerName

and make sure that they are formatted as:

httpd.conf
ServerName commonname:80

ssl.conf
ServerName commonname:443

In the ssl.conf file, locate the following variables: SSLCertificateFile and SSLCertificateKeyFile. You will need to point these to the location of your *.cert and *.key. They should look like:

SSLCertificateFile "C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl/commonname.cert"

SSLCertificateKeyFile "C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl/commonname.key"

Save all your files, and start Apache from Start > Run > services.msc. All things being equal, this should work and you should be able to go to a command prompt and type in the following:

telnet localhost 80

and

telnet localhost 443

and each should return a blank screen with a blinking cursor in the upper left corner. If you get any errors, make sure to check the Event Viewer > Application to see what Apache is reporting as being a problem. Also within the directory:

C:\Program Files\Apache Foundation Software\Apache2.2\log

there is an error.log file that will log out any errors that you might have.

You can also check your installation by going to Verisign’s Checker tool.

Known Issue 1

There is one known issue on Windows. You may get the following error message in the error.log:

Error: Init: SSLPassPhraseDialog builtin is not supported on Win32

This is because a password was entered while generating the key file via openssl. To fix this, you will first need to go to the ssl.conf file and comment out the line that contains:

SSLPassPhraseDialog

and save the file. Then you will want to go to your directory:

C:/Program Files/Apache Foundation Software/Apache2.2/bin

and run the following command:

openssl rsa -in commonname.key -out commonname2.key

Copy the commonname2.key file and then go to:

C:/Program Files/Apache Foundation Software/Apache2.2/conf/ssl

and delete the current commonname.key and replace it with commonname2.key. Rename commonname2.key to commonname.key.

Try to restart Apache from Start > Run > services.msc and see if that works for you!

Known Issue 2

If you are using a Verisign SSL Certificate, you may have experienced a problem where pulling up the secure site will return an error indicating: Unable to verify the identify of commonname as a trusted site.

This is because with Verisign certificates, you now need to install an intermediate certificate. That can be found directly from Verisign. The key is that within the ssl.conf file you need to uncomment the line:

SSLCertificateChainFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/ssl/intermediate.crt"

Save, then restart Apache. Keep in mind that the file name on that line must be the name under which you saved the intermediate certificate that you got from the Verisign site, and make sure that you save that file in the ssl directory.

Once you do this, your cert should work fine. Use the Verisign checker to verify your findings.
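
A pre-flight check for the three files that ssl.conf references, as an added example that is not part of the original guide: it flags the passphrase-protected key behind Known Issue 1, a certificate issued for a different key, and a chain file that is not the certificate's issuer (Known Issue 2). It assumes a bash shell with openssl on the PATH; the function names and the demo files are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks for the files that ssl.conf points at.
# Needs only the openssl command-line tool; RSA keys, as in the guide.

# 0 if the PEM private key is passphrase-protected. Matches both the traditional
# "Proc-Type: 4,ENCRYPTED" header and the PKCS#8 "ENCRYPTED PRIVATE KEY" label.
key_is_encrypted() {
    grep -q 'ENCRYPTED' "$1"
}

# 0 if certificate $1 and private key $2 carry the same RSA modulus, i.e. the
# certificate was issued for this key. 2 if either file cannot be read.
cert_matches_key() {
    local cert_mod key_mod
    cert_mod=$(openssl x509 -noout -modulus -in "$1" 2>/dev/null) || return 2
    # "-passin pass:" makes an encrypted key fail instead of prompting.
    key_mod=$(openssl rsa -noout -modulus -in "$2" -passin pass: \
        2>/dev/null </dev/null) || return 2
    [ -n "$cert_mod" ] && [ "$cert_mod" = "$key_mod" ]
}

# 0 if the issuer name of certificate $1 equals the subject name of the
# certificate in $2 (the SSLCertificateChainFile). Name match only: no
# signature is verified here.
chain_links_to_cert() {
    local issuer subject
    issuer=$(openssl x509 -noout -issuer_hash -in "$1" 2>/dev/null) || return 2
    subject=$(openssl x509 -noout -subject_hash -in "$2" 2>/dev/null) || return 2
    [ "$issuer" = "$subject" ]
}

# Run all checks; prints one line per problem, returns the number of problems.
preflight() {
    local cert=$1 key=$2 chain=$3 bad=0
    if key_is_encrypted "$key"; then
        echo "FAIL key is passphrase-protected (SSLPassPhraseDialog error on Win32)"
        bad=$((bad + 1))
    elif ! cert_matches_key "$cert" "$key"; then
        echo "FAIL certificate was not issued for this key"
        bad=$((bad + 1))
    fi
    if ! chain_links_to_cert "$cert" "$chain"; then
        echo "FAIL chain file is not the issuer of the certificate"
        bad=$((bad + 1))
    fi
    [ "$bad" -eq 0 ] && echo "OK $cert"
    return "$bad"
}

# Constructed throwaway inputs for trying the checks: a self-signed
# certificate, its key, and a passphrase-protected copy of that key.
make_demo_files() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=commonname" \
        -keyout "$1/commonname.key" -out "$1/commonname.cert" 2>/dev/null
    openssl rsa -in "$1/commonname.key" -aes128 -passout pass:constructed \
        -out "$1/encrypted.key" 2>/dev/null
}

# Usage: ./preflight.sh commonname.cert commonname.key intermediate.crt
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

The chain check compares names only, so the Verisign checker mentioned above is still the test of what a browser will actually accept.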


apt-get update requests Ubuntu CD

When you are performing an:

sudo apt-get update

You are prompted for the Ubuntu CD:

Do you want to continue [Y/n]? y
Media change: please insert the disc labeled
‘Ubuntu-Server 7.10 _Gutsy Gibbon_ – Release i386 (20071016)’
in the drive ‘/cdrom/’ and press enter

To get around this, go into your sources list:

sudo joe /etc/apt/sources.list

and look for the line at the top:

deb cdrom:[Ubuntu-Server 7.10 _Gutsy Gibbon_ - Release i386 (20071016)]/ gutsy main restricted

and comment this out:

#deb cdrom:[Ubuntu-Server 7.10 _Gutsy Gibbon_ - Release i386 (20071016)]/ gutsy main restricted

Rerunning:

sudo apt-get update

will now download the sources, instead of trying to get them from a CD.

Installing NoIP Client on Ubuntu 8.04

The very first thing that you want to do is to go to the No-IP website and create an account. I’m assuming that for the purposes of this document you all know how to do that. The important bits of information that you will need from this process are:

  1. Account Name (typically this is your email address)
  2. Password for No-IP
  3. Host Name configured in No-IP

Once you have setup an account and created your unique host name, open up Terminal (Applications > Accessories > Terminal) and start punching in the following:

sudo apt-get install no-ip

When the package is downloaded, you will want to create the configuration directory:

sudo mkdir /var/lib/noip2

Once the configuration directory is created, you’ll need to create a configuration file:

sudo joe /var/lib/noip2/noip2.conf

and when Joe opens, just enter in a space and save and exit. That will create the dummy file and you’ll be then able to run:

sudo noip2 -C

which will run the configuration for NoIP2.

First you will be prompted to enter in the interface that has an external connection. In my case, since I’m running noip from my Ubuntu router it has two interfaces, my external connection is on eth1.

You will be prompted to first enter in your Account Name. Remember this is your email address. Then you will be prompted to enter in your password and finally it will register your host that is registered to your no-ip account.

Once the wizard is complete you should be dropped back to your Terminal prompt. Now the question is how do you know that it’s running? For this you will want to check your logs. Run the following from the /var/log directory:

cat daemon.log | grep noip

You should see something like the following:

george@otani:/var/log$ cat daemon.log | grep noip
May 11 09:42:38 otani noip2[11343]: v2.1.7 daemon started with NAT enabled
May 11 09:42:38 otani noip2[11343]: ****.servehttp.com was already set to xx.xx.xx.xxx.

The “****.servehttp.com” will be replaced with whatever you specified as your own host within the configuration wizard and the xx.xx.xx.xxx will be the IP address that should be your external WAN IP address. You can confirm this by opening your router administration and comparing what you see in the logs to what’s listed there as your WAN address. Or you can visit a webpage that will tell you what your external IP address is.

What Happens in Vegas the Movie

There is a tired old saying that “What happens in Vegas stays in Vegas”. In fact that’s probably one of those sayings that you hear around the water cooler on those days that you need to stir things up or when you are talking about things not all that related to work to get your mind off the daily grind!

Needless to say that I didn’t know what to expect from this movie. You watch the previews and think to yourself, this combo, does it really work? Can you make a movie out of this plot line?

Now for those who know me, and for those who don’t, I’m a huge fan of these types of movies–Romantic Comedies. There is just something about them that just makes you want to watch more of them.

Surprisingly enough, and without spoiling this movie for those would-be goers, I was pleasantly surprised. Although throughout the movie, it seems like the game that they played was a bit out of proportion to what it was that they were after? After all, the premise of the movie is that these two who made a foolish act in Vegas realizing that they had nothing in common with each other, now were drawn to each other by $3 million dollars. But consider this, she is a broker, and he is the son of a man who owns a wood working business (not exactly sure there, but regardless he owns the business), is $3 million dollars or even half of that $1.5 million dollars, worth going through all of that pain and suffering if you really don’t like each other? Also would you feel comfortable knowing that you had to share the same area as someone who might take advantage of you? I think from a movie perspective, they perhaps could have made the pot a little more appealing, say $10 million dollars or something like that.

All in all, this was a cute movie, be it though I think the ending was rather weak and certainly left you wanting for more. Might also be one that you let go to DVD as I don’t see this as a must-see box office movie.

Installing OpenFire on Ubuntu 8.04

The first thing that you will want to do is to setup LAMP (Linux, Apache, MySQL, PHP) on your image. I’m doing this on a fresh Ubuntu Desktop 32bit 8.04 installation so that I can use X11. A great guide exists here, but I’ll post the steps here as well (sometimes those pesky links die).

Installing Apache2

1. Open up the Terminal (Applications > Accessories > Terminal).

2. Copy/Paste the following line of code into Terminal and then press enter:

sudo apt-get install apache2

3. The Terminal will then ask you for your password, type it and then press enter.

Testing Apache2

To make sure everything installed correctly we will now test Apache to ensure it is working properly.

1. Open up any web browser and then enter the following into the web address:

http://localhost/

You should see a folder entitled apache2-default/. Open it and you will see a message saying “It works!” , congrats to you!

Installing PHP5

In this part we will install PHP 5.

Step 1. Again open up the Terminal (Applications > Accessories > Terminal).

Step 2. Copy/Paste the following line into Terminal and press enter:

sudo apt-get install php5 libapache2-mod-php5

Step 3. In order for PHP to work and be compatible with Apache we must restart it. Type the following code in Terminal to do this:

sudo /etc/init.d/apache2 restart

Testing PHP5

To ensure there are no issues with PHP let’s give it a quick test run.

Step 1. In the terminal copy/paste the following line:

sudo gedit /var/www/testphp.php

This will open up a file called testphp.php.

Step 2. Create a phpinfo page to test PHP and verify that it’s functioning. I have a copy here that you can use. Right click on the link and go to Save As to save the test page. You’ll want to then upload that saved file to your FTP site. Or if you are on your Ubuntu machine, you can run the below. Make sure that you’re in the DocumentRoot directory (see your Apache conf for the DocumentRoot path).

wget http://evolutioncreations.com/download/phptest.php

Step 3. Save and close the file.

Step 4. Now open your web browser and type the following into the web address:

http://localhost/testphp.php

Congrats you have now installed both Apache and PHP!

Installing MySQL5

To finish this guide up we will install MySQL. (Note – Out of Apache and PHP, MySQL is the most difficult to set up. I will provide some great resources for anyone having trouble at the end of this guide.)

Step 1. Once again open up the amazing Terminal and then copy/paste this line:

sudo apt-get install mysql-server

Step 3. This is where things may start to get tricky. Begin by typing the following into Terminal:

mysql -u root -p

Enter in the password that you setup during the apt-get install process.

Step 4. We are now going to install a program called phpMyAdmin which is an easy tool to edit your databases. Copy/paste the following line into Terminal:

sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin

After that is installed our next task is to get PHP to work with MySQL. To do this we will need to open a file entitled php.ini. To open it type the following:

gksudo gedit /etc/php5/apache2/php.ini

Step 5. Once the text editor opens the php.ini file, go to the bottom of the file and add in the following line:

extension=mysql.so

This will allow you to use MySQL within your PHP scripts.

Now just restart Apache and you are all set!

sudo /etc/init.d/apache2 restart

Installing OpenFire 3.5.1

The first thing that we want to do in preparation to install OpenFire is to install Java. Since I’m doing this on a fresh install of Ubuntu, Java isn’t installed. But if you do have it installed, make sure you have version 6.

Step 1. To check your Java version you can run the command:

java -version

If nothing returns, or you get something that tells you that you need to install Java, proceed to step 2. If you do get something back and Java is version 6, then skip to step 3.

Step 2. To install Java, run the following command from Terminal (Applications > Accessories > Terminal):

sudo apt-get install sun-java6-bin

Since you only have one version of Java installed on your system, you don’t need to go to step 2a. If you have multiple versions of Java installed, you will want to specify your Java version:

sudo update-alternatives --config java
select /usr/lib/jvm/java-6-sun/jre/bin/java

Step 3. To create your MySQL user and database. Since your LAMP installation installs phpMyAdmin, first log into phpMyAdmin using root as your username and the password you configured during the installation process.

On the main page, locate Privileges and scroll down to Add a new User.

Use the following on the New User screen:

Username = Enter a username, I used ‘openfire’
Host = From the drop down menu, select localhost
Password = Enter a password, retype your password

Under the Database for user section of that page, click on the radio button for Create database with same name and grant all privileges.

At the bottom of the page, click on the Go button.

Step 4. Now that we have setup the database and user, we want to get the OpenFire package. First go to:

cd /opt

Then run:

sudo wget http://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_3_5_1.tar.gz

Once the file downloads, run:

sudo mv downloadServlet\?filename\=openfire%2Fopenfire_3_5_1.tar.gz openfire_3_5_1.tar.gz

then run:

sudo tar zxvf openfire_3_5_1.tar.gz

then create a symlink:

sudo ln -s /opt/openfire/bin/openfire /etc/init.d/

You now have to make your symlink executable:

sudo chmod +x /etc/init.d/openfire

Now we have to fix an error that comes up when you try and restart the service. Go into the /opt directory:

cd /opt/openfire

and run:

nohup: appending output to `nohup.out’

Congratulations! You can now finish the configuration through the URL:

http://localhost:9090/


Setting up DirectoryIndex in Ubuntu Apache 2.2

So in setting up this new Ubuntu box, I ran into a problem that I couldn’t solve for the longest time, even though it is the simplest of problems–how do you setup DirectoryIndex in Apache2.2 without using a .htaccess file?

It turns out that this is VERY simple. Assuming that you are like me and just setting up Apache 2.2 on a home machine and that you are not using virtual hosting, it goes something like this.

First you want to find your default configuration. For me it was in the /etc/apache2 directory. Using your favorite text editor (mine is joe), open the file:

sudo joe /etc/apache2/sites-available/default

locate the following block:

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all

then add the following line into the above directory block:

DirectoryIndex nameoffile.extension

For me, it looks like:

Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
DirectoryIndex login.php index.php home.html

It’s that easy!


Starting Synergy during Bootup

To those who don’t know, Synergy is a way to share a keyboard, mouse, and monitor that is attached to one master computer (server), and many other slave computers (clients). It’s similar to a KVM, but uses standard TCP/IP protocols to control the machines.

On an Ubuntu machine, you will run the following:

sudo apt-get install synergy

and this will install Synergy onto the machine. At this point, this isn’t assuming that your Ubuntu machine is the server or client. In my configuration, the Ubuntu machine is a client, and my Windows machine is the server.

http://synergy2.sourceforge.net/

Now comes the fun part: how do you configure Synergy to start up during the boot process so that when you get to the username/password login screen, you can immediately use your server’s KVM to log yourself in? This is important, as I used to have to hook up a USB keyboard to the Ubuntu machine to type in the username and password. This is surprisingly simple to do, as it requires modifications to only two files.

The first is:

sudo gedit /etc/gdm/Init/Default

#Synergy – place this line somewhere before the “sysmodmap=/etc/X11/Xmodmap” line

/usr/bin/synergyc serverComputerHostname

The last is:

sudo gedit /etc/gdm/PreSession/Default

#Synergy – place this line somewhere before the “XSETROOT=`gdmwhich xsetroot`” line

/usr/bin/synergyc serverComputerHostname

Once you add the above lines into both files, you can log out of your session (or restart) and when you get to the login screen you will be able to use your server’s KVM.

There is one additional step that you may have to take, if you are reimaging the Ubuntu box and the server name changes, you will need to make sure to update the server name in the Synergy server’s configuration to ensure that it knows what machine is connecting and what orientation it has to your server (i.e. to the left of, to the right of, etc).

Iron Man – Marvel comes through and does it again!

I have to admit, movies that typically have a lot of hype, tend to do very poorly in the movie theaters. For example, let’s look at the following overhyped movies that came from the Top 25 Turkeys:

#11 – Catwoman

  • Budget: $100 million
  • Domestic Gross: $40.2 million

#10 – Battlefield Earth

  • Budget: $73 million
  • Domestic Gross: $21.5 million

#9 – Gigli

  • Budget: $54 million
  • Domestic Gross: $6.1 million

#8 – Waterworld

  • Budget: $175 million
  • Domestic Gross: $88.2 million

And the list goes on and on and on. Whereas if you look at a movie like The Matrix, we see that the initial promotions for it provoked the movie goer and what did that end up with–a BLOCKBUSTER hit trilogy that grossed more than $592,370,339!!!! Now 1/2 a BILLION is not bad at all!

Now with Iron Man, we have to look a little deeper than the surface. To start with, let’s start with the studio, Marvel Studios. They have put out a load of hit movies:

  • Blade
  • Blade II
  • Blade: Trinity
  • Daredevil
  • Elektra
  • Fantastic Four
  • Fantastic Four: Rise of the Silver Surfer
  • Ghost Rider
  • Hulk
  • Spider-Man
  • Spider-Man 2
  • Spider-Man 3
  • The Punisher
  • Punisher: War Zone
  • X-Men Origins: Wolverine
  • X-Men
  • X2: X-Men United
  • X-Men: The Last Stand

Now let’s face it, not all of these movies were great–in fact, let’s go as far as to say that most of the movies up here were a COMPLETE FLOP! But starting in 2005, Marvel Studios has entered their own space, and set out to produce their own films with Paramount distributing them. What this means is that Marvel will have their own creative control over their movies.

How does this translate into quality movies? Take Iron Man–WHAT A FANTASTIC movie! Now without providing a spoiler, you first have to get past the:

  • Cheap comedy relief
  • Male chauvinist attitude
  • Superiority complex (cocky attitude)

When you get past these flaws, the rest is absolutely incredible. The tech was believable and realistic. The duality between good and bad was very nicely complemented. There was a mature theme to the movie, one that you can’t tell in other Marvel-type movies. This one I actually saw twice in one weekend, and that is UNHEARD of!

Mounting Linux Partitions in Ubuntu


If you plug in an external hard drive with a Linux filesystem, it will automount and show up on your desktop, just like any external media. But what if you have an internal hard drive or partition with a Linux filesystem? Well, that’s what this tutorial is about.

Warning: The tutorial on this page is for an internal drive that will serve as an extra data partition. If you would like to mount a separate drive or partition as /home instead, you want a different tutorial.

First you have to determine what the partition is called and what filesystem it is. One quick way to do it if you know what filesystem you formatted the drive as (Ext3, for example) is to just type the terminal command

sudo fdisk -l

Here’s how it could come out:

Disk /dev/hda: 20.0 GB, 20020396544 bytes
255 heads, 63 sectors/track, 2434 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1        1275    10241406   83  Linux
/dev/hda2            1276        2434     9309667+   5  Extended
/dev/hda5            1276        2388     8940141   83  Linux
/dev/hda6            2389        2434      369463+  82  Linux swap / Solaris

As you can see, I’m able to locate that /dev/hda5 is my Linux partition, but in System, I don’t find out if it’s Ext3 or Reiserfs or what it is. If I happen to know it’s Ext3, cool.

But let’s say I didn’t know. Well, one way to find out for sure is to install GParted and find out:

sudo aptitude update
sudo aptitude install gparted gksu
gksudo gparted

Setting up Apache2.2 with OpenSSL and Generating CSR

So I ran into a problem that I’ve been working on for a few days now, and figured I’d give it a quick writeup so that others who may be experiencing this problem would be able to get further and quicker than I did!

So the situation is, how do you configure Apache2.2 with OpenSSL so that you can generate CSR information and host an SSL certificate? Now the catch is that this is all on Windows.

The first thing that you want to do is to download Apache2.2 with SSL. The URL for this is located off the Apache Foundation’s main site:

http://apache.oregonstate.edu/httpd/binaries/win32/apache_2.2.8-win32-x86-openssl-0.9.8g.msi

Once you download the MSI file, go ahead and install it. The installer is fairly straightforward; the only thing that you will need to do is to fill out certain fields. There is a great writeup on Apache’s website on what each of those variables is and what you need to do through the MSI installer. That’s located at:

http://httpd.apache.org/docs/2.2/platform/windows.html

So assuming that you go through that bit and you’ve tested and confirmed that Apache is working the way it should be, the next bit is to get through generating a key file and cert file. Just because they are the biggest and most expensive, I’ll use Verisign for the purposes of this writeup. The URL to their knowledge site that has information on this is:

https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR198

The first step that Verisign provides is:

Step 1: Generate a Key Pair
The utility “openssl” is used to generate the key and CSR. This utility comes with the OpenSSL package and is usually installed under /usr/local/ssl/bin. If you have installed them elsewhere you will need to adjust these instructions appropriately.
Type the following command at the prompt:
openssl genrsa -des3 -out www.mydomain.com.key 1024
This command generates a 1024 bit RSA private key and stores it in the file www.mydomain.com.key.
When prompted for a pass phrase: enter a secure password and remember it, as this pass phrase is what protects the private key. Both the private key and the certificate are required to enable SSL.
NOTE: To bypass the pass phrase requirement, omit the -des3 option when generating the private key. If you leave the private key unprotected, VeriSign recommends access to the server be restricted so that only authorized server administrators can access or read the private key file.

For the purposes of my test, I ran this command from:

C:\Program Files\Apache Software Foundation\Apache2.2\bin

So now, the next step is:

Step 2: Generate the CSR
Type the following command at the prompt:
openssl req -new -key www.mydomain.com.key -out www.mydomain.com.csr
This command will prompt for the following X.509 attributes of the certificate:
Country Name: Use the two-letter code without punctuation for country, for example: US or CA.
State or Province: Spell out the state completely; do not abbreviate the state or province name, for example: California
Locality or City: The Locality field is the city or town name, for example: Berkeley. Do not abbreviate. For example: Saint Louis, not St. Louis
Company: If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll. Example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
Organizational Unit: This field is optional; but can be used to help identify certificates registered to an organization. The Organizational Unit (OU) field is the name of the department or organization unit making the request. To skip the OU field, press Enter on your keyboard.
Common Name: The Common Name is the Host + Domain Name. It looks like “www.company.com” or “company.com”.
VeriSign certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain “domain.com” will receive a warning if accessing a site named “www.domain.com” or “secure.domain.com”, because “www.domain.com” and “secure.domain.com” are different from “domain.com”.
Please do not enter your email address, challenge password or an optional company name when generating the CSR.
A public/private key pair has now been created. The private key (www.domain.com.key) is stored locally on the server machine and is used for decryption. The public portion, in the form of a Certificate Signing Request (certrequest.csr), will be for certificate enrollment.
To copy and paste the information into the enrollment form, open the file in a text editor such as Notepad or Vi and save it as a .txt file. Do not use Microsoft Word as it may insert extra hidden characters that will alter the contents of the CSR.
Once the CSR has been created, proceed to Enrollment.

Now here comes the tricky bit. This part stumped me for quite a while. When you run the above, you may get an error message like:

Unable to load config info from /usr/local/ssl/openssl.cnf

Now since this is a Windows machine, obviously the path that is being reported is not going to work as this is going to the /usr mountpoint on a *nix machine. So to fix this you will need to run the command as:

openssl req -new -config "C:\Program Files\Apache Foundation Software\Apache2.2\conf\openssl.cnf" -key keyfilename.key -out csrfilename.csr

You can change the physical path above to match the location of your openssl.cnf file. Doing the above I got past the error message that I’ve listed above and was able to move on to the next steps in the CSR process.
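
One way to avoid depending on the compiled-in openssl.cnf path, and to check the CSR before pasting it into the enrollment form, as an added example that is not from the original post or from Verisign. It assumes a bash shell with openssl on the PATH; the req.cnf contents, the subject values and the function names are constructed for illustration, and it generates a 2048-bit key where the quoted instructions use 1024.

```bash
#!/usr/bin/env bash
# Added example: CSR generation with an explicit -config file, plus checks
# to run on the CSR before it is submitted.

# Write a minimal request config so nothing depends on a built-in
# openssl.cnf location. $1 = output file, $2 = common name.
# The subject values below are constructed placeholders.
write_req_config() {
    cat > "$1" <<EOF
[ req ]
prompt             = no
distinguished_name = dn

[ dn ]
C  = US
ST = California
L  = Berkeley
O  = Example Corporation
CN = $2
EOF
}

# Generate an RSA key without a passphrase (the Win32 build of Apache 2.2
# cannot prompt for one) and a CSR for host $2 inside directory $1.
make_csr() {
    local dir=$1 host=$2
    write_req_config "$dir/req.cnf" "$host"
    # umask keeps the unprotected key readable by its owner only
    ( umask 077; openssl genrsa -out "$dir/$host.key" 2048 2>/dev/null ) || return 1
    openssl req -new -config "$dir/req.cnf" -key "$dir/$host.key" -out "$dir/$host.csr"
}

# Print the key size in bits recorded in CSR $1.
csr_key_bits() {
    openssl req -noout -text -in "$1" 2>/dev/null |
        sed -n 's/.*Public[- ]Key: (\([0-9]*\) bit).*/\1/p' | head -n 1
}

# 0 if the CSR is usable. 1: self-signature does not verify,
# 2: key smaller than $3 bits (default 2048), 3: Common Name is not $2.
check_csr() {
    local csr=$1 host=$2 min=${3:-2048} bits
    # Match the printed result; older openssl builds exit 0 even on failure.
    openssl req -noout -verify -in "$csr" 2>&1 | grep -q 'verify OK' || return 1
    bits=$(csr_key_bits "$csr")
    [ -n "$bits" ] && [ "$bits" -ge "$min" ] || return 2
    openssl req -noout -subject -nameopt RFC2253 -in "$csr" 2>/dev/null |
        sed 's/^subject= *//' | tr ',' '\n' | grep -q -x -F "CN=$host" || return 3
}

# Usage: ./make_csr.sh <output directory> <common name>
if [ "$#" -eq 2 ]; then make_csr "$1" "$2" && check_csr "$1/$2.csr" "$2"; fi
```

Setting the OPENSSL_CONF environment variable to the path of openssl.cnf is an alternative to passing -config on every command.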
