The slow decline to something better

  • Tomcat 8 redirect and force SSL

    Edit the tomcat8/conf/server.xml and add the following for 80, and another for 8080 if need be. <Connector port=”80″ protocol=”HTTP/1.1″ connectionTimeout=”20000″ URIEncoding=”UTF-8″ enableLookups=”false” redirectPort=”443″ /> Now Edit the tomcat8/conf/web.xml and at the bottom just above </web-app> put in the following and changing Entire Application to your application in webapps. <!– SSL settings. only allow HTTPS access…

  • Java 8, tomcat 8, SSL setup from pfx, using 443

    This took me a day to setup on a new CentOS Amazon image. To be honest I’d never configured SSL for tomcat before, and this was the first time that I’d used tomcat8. So I just want to go over the steps I had to do so I’ll remember all of the tweeks needed. Configuring…

  • How to build Openssl from source

    Recently we had to install openssl but for the 32-bit platform. This is how I did it. wget http://www.openssl.org/source/openssl-0.9.8x.tar.gz tar zxvf openssl-0.9.8x.tar.gz setarch i386 ./config -m32 shared make clean; make install In general though for anything that you need to build the following command will work: ./configure && make && sudo make install

  • Chef change attributes node level Java cookbook

    How do you change the attributes at the node level.  I just went through this recently with some Scala servers that required Oracle Java 7.  The defaults for the Java cookbook at the marketplace: https://supermarket.getchef.com/cookbooks/java#readme are openJDK 6.  To replace them you need to: knife node edit <NODE_NAME> In the editor that pops up add…

  • For your Halloween – Alfred Hichcock’s Ghost Stories

    One of the best records I ever owned.  I nearly wore it out as a kid.  Finally a girlfriend took it from me when I was in college damn it!  But fun stories even now.

  • Interesting Conspiracy Movie from 2012 – ‘111’

    Found an interesting short that tries to bring a bunch of conspiracy theory’s together and …  Well you be the judge.

  • gpg command line

    First create a key: gpg –gen-key For generation I use the default of RSA and RSA, and I use 4096 bits, and i usually let the keys live for 1y. Create a Revocation Certificate so you can Revoke you key on a keyserver gpg –gen-revoke –armor –output=GPGRevocationCertificate.asc your@email.address Create your ASCII public key so other…

  • Unix flush or refresh DNS cache

    For Red Hat systems the command is service nscd restart For Debian systems its /etc/init.d/nscd restart

  • Putty is the worst ssh client ever!

    Putty can’t remember the last IP address you used. It can’t remember anything. the buffer is horrendously low. adding a ssh key should be straight forward. remembering your fucking login ID should be straight forward. remembering the fucking keys!  Even the location of the keys?  changing the color scheme should be easy, and able to…

  • chroot sftp in AWS with likewise / pbis 7.5+

    Oh the humanity!  Configuring chrooted sftp always seems like a chore when you combine it with an out side authentication like winbind or pbis (Power Broker Identity Services). So configuring /etc/ssh/sshd_config is straight forward.  All you need to change is: http://en.wikibooks.org/wiki/OpenSSH/Cookbook/SFTP   But I kept seeing errors in /var/log/secure that said denied access because they…

Got any book recommendations?

Get In Touch