Categoria: Console

Publicado em

openssl Extract key from p12 pkcs

openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem

http://stackoverflow.com/questions/9497719/how-to-extract-a-public-private-key-from-a-pkcs12-file-with-openssl-for-later-us

Publicado em

openssl – Create self signed certificate

Step 1: Generate a Private Key

openssl genrsa -des3 -out server.key 1024

to generate key without password:

openssl genrsa -out server.key 1024

Step 2: Generate a CSR (Certificate Signing Request)

openssl req -new -key server.key -out server.csr

Step 3: Remove Passphrase from Key

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

Step 4: Generating a Self-Signed Certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 5: Installing the Private Key and Certificate

cp server.crt /usr/local/apache/conf/ssl.crt
cp server.key /usr/local/apache/conf/ssl.key

Step 6: Configuring SSL Enabled Virtual Hosts

SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log
“%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x “%r” %b”

Step 7: Restart Apache and Test

/etc/init.d/httpd stop
/etc/init.d/httpd stop

or

service apache2 restart

 

http://www.akadia.com/services/ssh_test_certificate.html

Publicado em

change localtime on Centos

Firstly you’ll need to know your timezone and/or country, a list can be found in /usr/share/zoneinfo/

The more generic procedure to change the timezone is to create a symlink to file /etc/localtime

# ln -sf /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime

OR you can copy and replace the current localtime setting

# cp /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime

To verify that your timezone is changed use the date command:

# date

 

http://www.how2centos.com/centos-change-timezone/

Publicado em

Disable SELinux CentOS 6

# vi /etc/selinux/config

 

Change SELINUX=enforcing

1
2
3
4
5
6
7
8
9
10
 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

to SELINUX=disabled

1
2
3
4
5
6
7
8
9
10
 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

This will disable SELinux on your next reboot.