3rd February
written by simplelight

Renew the certificate at RapidSSL (or look around for a new vendor)

In the end, all that is needed is to copy the following into /etc/ssl/localcerts

a) private key file (.key)

b) certificate file which is created by cut and pasting first the regular certificate and then the intermediate certificate

Then, run the checks below to make sure everything is working correctly.

Then restart nginx:

sudo /etc/init.d/nginx restart

Note: I had some weird permission issues to it is easiest to just edit the actual files rather than try to create new ones.

Todo next time: Investigate whether it is worth the effort to generate a CSR (certificate signing request) on our server. Also, consider using Let’s Encrypt


Checking that the Private Key Matches the Certificate

The private key contains a series of numbers. Two of those numbers form the “public key”, the others are part of your “private key”. The “public key” bits are also embedded in your Certificate (we get them from your CSR). To check that the public key in your cert matches the public portion of your private key, you need to view the cert and the key and compare the numbers. To view the Certificate and the key run the commands:

$ openssl x509 -noout -text -in server.crt
$ openssl rsa -noout -text -in server.key

The `modulus’ and the `public exponent’ portions in the key and the Certificate must match. But since the public exponent is usually 65537 and it’s bothering comparing long modulus you can use the following approach:

$ openssl x509 -noout -modulus -in server.crt | openssl md5 $ openssl rsa -noout -modulus -in server.key | openssl md5

And then compare these really shorter numbers. With overwhelming probability they will differ if the keys are different. As a one-liner:

$ openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
  openssl rsa -noout -modulus -in server.key | openssl md5

And with auto-magic comparison (If more than one hash is displayed, they don’t match):

$ (openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
   openssl rsa -noout -modulus -in server.key | openssl md5) | uniq

BTW, if I want to check to which key or certificate a particular CSR belongs you can compute

$ openssl req -noout -modulus -in server.csr | openssl md5
17th September
written by simplelight

Instructions for setting up an Ubuntu 12.04 virtual machine for Ruby on Rails development

  1. Turn on virtualization technology in BIOS of host machine. (This is necessary to use a 64-bit Ubuntu distribution)
  2. Download Ubuntu 12.04 64-bit ISO
  3. Create new virtual machine in VMware Player
  4. Install Rails using RailsReady script on Github
  5. Add SSH key to Github
  6. Setup Sublime Text 2
    1. Install Package Control
      1. Install SCSS highlighting
  7. Done.
19th July
written by simplelight

In this way you can obtain the list of the ten oldest processes:

ps -elf | sort -r -k12 | head -n 10

To sort processes by memory usage use “Shift M” when running.

Use ‘c’ to show full path for command.

For other useful ‘top’ configurations.

Tags: ,
6th November
written by simplelight

After downloading the latest Ubuntu desktop appliance from VMware, the following steps are required to get a Rails environment up and running:

Create a new user and add all the required access

Get Ubuntu up to date

sudo apt-get update
sudo apt-get dist-upgrade

Install compile packages

sudo apt-get install build-essential

Install Ruby, MySQL and the Open SSL library

sudo apt-get install ruby ri rdoc mysql-server libmysqlclient15-dev libopenssl-ruby ruby1.8-dev

Install Sun Java

sudo apt-get install sun-java6-jre sun-java6-plugin

Get the latest ruby gems from RubyForge

wget http://rubyforge.org/frs/download.php/57643/rubygems-1.3.5.tgz
tar xvzf rubygems-1.3.5.tgz
cd rubygems-1.3.5
sudo ruby setup.rb

Remove the .tgz file and erase the rubygems-1.3.5 directory too.

Create the following symbolic links

sudo ln -s /usr/bin/gem1.8 /usr/local/bin/gem
sudo ln -s /usr/bin/ruby1.8 /usr/local/bin/ruby
sudo ln -s /usr/bin/rdoc1.8 /usr/local/bin/rdoc
sudo ln -s /usr/bin/ri1.8 /usr/local/bin/ri
sudo ln -s /usr/bin/irb1.8 /usr/local/bin/irb

Install Rails

sudo gem install rails

Add Github for legacy gems

gem sources -a http://gems.github.com

Switch to Gemcutter for primary gem repository

sudo gem install gemcutter
gem tumble
28th February
written by simplelight
ssh-keygen -t rsa

Then use this command to push the key to the remote server, modifying it to match your server name.

cat ~/.ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'
4th August
written by simplelight

If you’re using and Ubuntu virtual machine with VMware Player and are having a problem with the toolbar covering the Ubuntu toolbar then this should fix the problem:

  1. Open “C:\Documents and Settings\<your account>\Application Data\VMware\preferences.ini”
  2. Add this line to the bottom of the file:    pref.vmplayer.fullscreen.nobar = “TRUE”

The “Application Data” folder in C:\Documents and Settings\<your account>\ is typically a hidden folder so you’ll need to view the hidden files to find it.