Overview In this article, a procedure is described to generate multiple certificate signing requests (CSR) for TLS servers, such as SMTP-, IMAP- or HTTP-servers, so that we can submit them to a Certificate Authority (CA). The CA will eventually perform the signature and return a public certificate to us. A Shell and the software OpenSSL […]
Artikel in Kategorie "Administration"
Generate Certificate Signing Requests (CSRs) for TLS Server Certificates
28. November 2021 in Administration, GNU/Linux, Technik.
Methods of HTTP Caching
1. März 2021 in Administration, GNU/Linux.
Preface I find the world wide web and the spectrum of methods and instruments that make it happen full of dubiousness and opportunity alike. Caching is generally known as one of the „hard problems“ of information science, and this is not different when it comes to technologies of the web. The text presented here, as […]
Comparing Distinguished LDAP Names
6. August 2020 in Administration, GNU/Linux, Programmierung.
In a Bourne Shell script, a distinguished name (DN) for performing an LDAP-query is held in a variable: dn=“cn=Malmø,ou=County Capitals,dc=Sweden,dc=Europe“ For the purpose of demonstration, this example DN contains a non-ASCII character. Let’s write a Bourne Shell function that escapes such special characters as requested by RFC 4514 using perl’s Net::LDAP::Util: canonical_dn() { perl -s […]
So it is possible …
28. August 2021 in Administration, Gesellschaft, GNU/Linux, Technik.
Update August 28th 2021: I have identified some TLDs that apparently can be used for testing purposes. I have updated the text as indicated. … to have DNS top level domains for bargains (.bargain), the bible (.bible), black friday (.blackfriday) and marketing and social networking (.buzz), but it is not possible to have a TLD […]
Determining User Access on a Linux Filesystem with „Classic Permissions“
30. November 2021 in Administration, GNU/Linux.
Introduction Looking at a Linux filesystem, checking if a certain file or directory is accessible for reading, writing or executing by certain users or groups poses interesting challenges. Let the basic and seemingly simple question be: „Given a user X and a file Y, can it be determined if X has access to Y, and […]
Taking an Online Backup of a SAMBA-4 ActiveDirectory
7. Dezember 2019 in Administration, GNU/Linux.
Notes: The following procedure is available starting with SAMBA version 4.9. The procedure can be performed on a host that is unrelated to the domain, but one domain controller must be reachable, must be used as a nameserver at the time of the backup and have open ports for DNS (53/tcp and /udp) SSH (22/tcp), […]
AD-Precreation using ktutil, kinit and adcli
4. Dezember 2019 in Administration, GNU/Linux.
Using computer object precreation you can enable machines to join an Active Directory domain with knowledge of just one dedicated one-time-password. Combined with delegation you can offload management of computer objects to an otherwise unprivileged AD user.
Auf macOS HTTP(S) ohne Entwickler-Werkzeuge protokollieren
6. März 2018 in Administration, Programmierung.
Die Browser-Entwicklerwerkzeuge sind nett, aber der Netzwerktraffic-Reiter hat (insbesondere bei FF) ein Problem, er reisst die Performance so weit runter, dass einem das Gesicht einschläft. Auf macOS verwende ich „mitmproxy“, um HTTP und HTTPS zwischen Browser und Server zu protokollieren. Das Verfahren erfordert die Installation von „homebrew“ (ein Paket-Manager für macOS) und damit dann „mitmproxy“ […]