×

Setting Up an Icecast Audio Streaming Server

This article will guide you through the steps on setting up an HTTPS audio stream over #Icecast on #Linux. The guide will assume that you are running #Ubuntu 18.04.

Configure SSL / TLS in Nagios Log Server - How to do it ?

This article covers how to configure SSL/TLS in Nagios Log Server. SSL/TLS provides security between the end user's web browser and Nagios Log

Server by encrypting the traffic. This guide is intended for use by Nagios Log Server Administrators who require encrypted connections to their Nagios Log Server.

Cloudflare err_ssl_protocol_error - Fix it Now ?

This article covers methods to resolve Cloudflare ERR_SSL_PROTOCOL_ERROR. Basically, this error happens as a result of a number of reasons that include wrong DNS settings, SSL mode, TLS version or issues with SSL certificate. 


To fix this error,

1. If you are not the site owner, contact the site owner and let them know you are having issues accessing their site.

2. The domain name has not fully been set to use Cloudflare yet. Check to see if there are non-Cloudflare nameservers that are conflicting with the assigned Cloudflare name servers.

3. You are signed up for Cloudflare, but you have set a DNS record to :grey:. If you have a subdomain or hostname and that serves HTTP/HTTPS traffic, we would advise that you :orange: this DNS record to take advantage of Cloudflare’s security and performance features. See What subdomains are appropriate for :orange:/:grey: clouds? 69

4. The Free Universal SSL certificate hasn’t yet been deployed, :grey: (deactivate) Cloudflare so that your website can continue to use your origin’s SSL certificate. Wait 24 hours and :orange: (activate) Cloudflare again to see if your SSL certificate has been successfully deployed.

5. You have some conflict with TLS 1.3, disable it and see if you still encounter the error.

6. You have selected Full SSL (strict) under your SSL/TLS app, but your origin does not have a valid certificate (i.e., it is expired, self-signed, or not issued by a trusted CA). Temporarily select another SSL option until you have a valid origin certificate in place.

7. Try to look at developer web console (firefox Ctrl+Shift+K) - anything interesting under Security tab.

8. Also, Try to run the command curl -vk on the affected domain.

No SSL library support - How to fix this Web Agent installation error

This article covers methods of resolving No SSL/library support: Web Agent installation error. This issue arises when you are trying to install a 32bit version of the agent on a 64bit system; the 32bit version of the agentadmin tool cannot open the 64bit SSL libraries.
Therefore, If your operating system does not include native openssl packages, you must install OpenSSL.

To fix this Web Agent installation error on Linux:
1. Ensure you are installing the appropriate version of the agent; if you have a 64bit operating system, you must install the 64bit agent.
2. Ensure either the operating system provides native openssl packages or OpenSSL is installed. If you are using OpenSSL, you can check that the OpenSSL libraries are in the correct location as follows and add them if they are missing:
a. Check that the LD_LIBRARY_PATH environment variable is set. For example: $ echo $LD_LIBRARY_PATH
b. Check that the OpenSSL libraries (libcrypto.so and libssl.so) are available in the path specified in this environment variable (LD_LIBRARY_PATH).

Secure osTicket with Lets Encrypt SSL Certificates - Do it Now

This article covers how secure osTicket with Let’s Encrypt SSL Certificates. You can use the Certbot to request for SSL certificates from Let's Encrypt Certificate Authority. The tool is not available by default and will need to be installed manually.


To Install certbot certificate generation tool:

1. Install certbot on Ubuntu /Debian:

# Install certbot on Ubuntu /Debian

$ sudo apt update

# Apache

$ sudo apt-get install python-certbot-apache

# Nginx

$ sudo apt-get install python-certbot-nginx


2. Install certbot on CentOS 8 / CentOS 7:

On a CentOS system run either of the following commands:

# CentOS 8

## For Apache

$ sudo yum -y install python3-certbot-apache

## For Nginx

$ sudo yum -y install python3-certbot-nginx

# CentOS 7

## For Apache

$ sudo yum -y install python2-certbot-apache

## For Nginx

$ sudo yum -y install python2-certbot-nginx

Add user in VestaCP - How to do it

This article covers how to add a user in VestaCP. Vesta control panel (VestaCP) is an open source hosting control panel, which can be used to manage multiple websites, creat and manage email accounts, FTP accounts, and MySQL databases, manage DNS records and so on.


To Add / Edit User in VestaCP:

1. First, click the USER tab on top, then click the green coloured “+” to add a new user.

2. Fill in the details for the new user. Click “Add” when you’ve completed the info.

3. This message will pop up if all the info are filled in correctly.

Now, you will see 2 users to choose from. Access the newly created user by clicking on “Login as (username)”. 

Each user can manage their own web, DNS, mail and database, etc.

You can also perform edit, deletion or suspension of user accounts using the buttons shown in the red box.


To uninstall Vesta Control panel:

1. Stop vesta service. service vesta stop.

Remove vesta packages and software repository. RHEL/CentOS: yum remove vesta* rm -f /etc/yum.repos.d/vesta.repo. Debian/Ubuntu: apt-get remove vesta* rm -f /etc/apt/sources.list.d/vesta.list.

2. Delete data directory and cron.

Configure Varnish with Apache - How to do it

This article covers how to configure Varnish #cache on the #Apache server. Varnish is an HTTP accelerator and a useful tool for speeding up a server, especially during a times when there is high traffic to a site. 

It works by redirecting visitors to static pages whenever possible and only drawing on the virtual private server itself if there is a need for an active process.

#Varnish is a caching HTTP reverse proxy. It receives requests from clients and tries to answer them from the cache.


Where is varnish configuration file?

The Varnish configuration file will be located in the /etc/varnish directory in CentOS 7. 

To make Varnish work in front of Apache, you will need to set up some basic configurations. 

By default Varnish listens on port 6081 . 

You will need to change port 6081 to 80 so that website requests access the Varnish cache first.


What is varnish WordPress?

Varnish is a full-page cache and HTTP preprocessor which can be used to speed up requests for a WordPress site. 

Setting up Varnish is a technical task, as it requires installing and configuring a system package on a web server, rather than just installing a plugin.

Zabbix server cant connect to java gateway - Fix it now

This article covers how to fix Zabbix error "Server can't connect to java gateway" by making some changes in the server configuration files and restarting the Zabbix and java gateway. 

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. 

This allows a fast reaction to server problems. 

Zabbix offers excellent reporting and data visualization features based on the stored data. 

This makes Zabbix ideal for capacity planning.

Install Firejail in Linux

This article will guide you on steps to #install #Firejail in Linux. Basically, Firejail reduces the risk of security breaches by restricting the untrusted applications and separating them from other parts of the system. 

#Sandboxing involves providing a safe environment for a program or #software so that you can play around with it without hurting your system. It actually keeps your program isolated from the rest of the system, by using any one of the different methods available in the #Linux #kernel.

To Install the Firejail Software:

1. Open up a terminal window.

2. Issue the command sudo apt-get install firejail.

3. Type your sudo password and hit Enter.

4. If prompted, type y to allow the installation to continue.

5. Allow the installation to complete.

Install Microsoft PowerShell on Ubuntu

This article will guide you on steps to install PowerShell on #Ubuntu. #PowerShell is a configuration management tool that brings the capabilities of Linux command-line interface (#CLI) control into the historically point-and-click Windows environment to manage Windows servers efficiently in virtual deployments.

With PowerShell and WSL, we can integrate Linux commands into #Windows just as if they were native applications. 

No need to hunt around for Win32 builds of #Linux utilities or be forced to interrupt your workflow to drop into a Linux shell.

To check the PowerShell version installed in your system, you can use either $PSVersionTable or $host command.

To get a list of PowerShell commands:

1. Get-Command gets the commands from #PowerShell modules and commands that were imported from other sessions. 

2. To get only commands that have been imported into the current session, use the ListImported parameter. 

3. Without parameters, Get-Command gets all of the #cmdlets, functions, and aliases installed on the #computer.

Logging in Apache More about it

The Apache access logs stores information about events that occurred on your #Apache web #server. Apache web servers also provide administrators with another type of log file called error logs. 

The Apache error log has a logging level that filters the messages sent to the log. Apache #logs nothing for a single page request in warn level.

This log file is used to provide more information regarding a particular error that has occurred on the web server.

By default, you can find the Apache #access log file at the following path:

i. /var/log/apache/access. log.

ii. /var/log/apache2/access. log.

iii. /etc/httpd/logs/access_log.

To enable the Apache #HTTP access logs:

1. Open the Apache HTTP configuration at /Applications/MAMP/conf/apache/httpd.conf.

2. Find this line.

3. Change the line.

4. Restart Apache using the MAMP widgit.

5. Now, view your new logfiles!

Install SSL Certificate in IIS 7

This article will guide you on steps to #install SSL Certificate in IIS 7 #windows 2008 server. 

IIS (Internet Information Services) is used to host ASP.NET web applications and static #websites. It can also be used as an #FTP server, host WCF services, and be extended to host #web #applications built on other platforms such as #PHP. There are built-in authentication options such as Basic, ASP.NET, and Windows auth.

To install a certificate in Windows Server:

i. In the left pane of the console, double-click #Certificates (Local Computer). 

ii. Right-click Personal, point to All Tasks, and then select Import. 

iii. On the Welcome to the Certificate Import Wizard page, select Next. 

iv. On the File to Import page, select Browse, locate your certificate file, and then select Next.

To enable SSL in IIS:

1. On the #IIS server, start the IIS Manager (on the Windows taskbar, select Start > Administrative Tools > Internet Information Services (IIS) Manager).

2. Enabling SSL in IIS

3. In Type, select https.

4. In SSL certificate, select an appropriate certificate from available choices.

5. Click OK.

Security certificate does not specify subject alternative names

This article will guide you on steps to fix #Security certificate does not specify subject alternative names. 

Basically, the #error, Security certificate does not specify subject alternative names trigger if the certificate does not have the correct SubjectAlternativeName extension.

Subject Alternative Names or SANs allow you to secure multiple domains from one SAN SSL certificate. SANs are additional domain names added to an SSL certificate.

To add a Subject Alternative Name to a certificate:

1. If you want to add #SAN, most CAs allow you to reissue a certificate with new details, though this will usually revoke your old certificate. 

2. You don't need the old CSR to reissue a certificate, you can instead create a new CSR with the updated details using a new or existing private key.

The Subject Alternative Name (#SAN) is an extension to the X. 509 specification that allows users to specify additional host names for a single SSL certificate. The use of the SAN extension is standard practice for #SSL #certificates, and it's on its way to replacing the use of the common name.

Wget SSL error How to fix it

This article will guide you on steps to fix #Wget #SSL error which is a generic #error that pops an error message "Unable to establish SSL connection" .
To support encrypted HTTP ( #HTTPS ) downloads, Wget must be compiled with an external SSL library, currently #OpenSSL. If Wget is compiled without SSL support, none of these options are available."
You might need to check whether the version of wget you are using supports #SSL.

Lets encrypt new auth status 429 error

This article will guide you on methods to troubleshoot and fix 429 error which occurs due to creation of multiple #SSL #certificates for a #domain. 

1. 429 means you went over the rate #limits. 

2. You issued 5 certificates in the last week.  This is why you get a #429 answer.

3. You need to wait two days to get another one. do you have access to the certificates you issued?

Error code 15 in VestaCP

This article will guide you on different methods to resolve #VestaCP #error code 15 which happens when trying to add #Lets #Encrypt SSL to a domain which already had Lets Encrypt set up.

To Fix SSL/TLS Certificate Error – Invalid SSL #Certificate Error:

1. First, verify whether the #Firewall or #Antivirus program is interrupting #SSL connection. 

2. Clear #cache files, internet browsing history, and cookies.

3. Verify whether the system's date is correct, whether it matches the current time zone.

Courier IMAP SSL How to secure your IMAP servers with SSL

This article will guide you on how to fix #IMAP #SSL #error which occurs as a result of incorrect file generation or wrong SSL #port #settings cause problems with the proper functioning of SSL on #courier IMAP SSL servers.

To add SSL support you have to install #OpenSSL or #GnuTLS before installing Courier-IMAP. #Download OpenSSL from http://www.openssl.org/, or GnuTLS from http://www.gnutls.org.

How to Set Up Multiple SSLs on One IP With Nginx

This article will guide you on how to set up multiple #SSL #certificates on one #IP with #Nginx. 

To set up Multiple SSL Certificates on a Single IP Using Nginx:

1. Domain names should be registered in order to serve the certificates by SNI.

2. Root Privileges to the server.

3. Nginx should already be installed and running on your #VPS. To #install Nginx: # sudo apt-get install nginx.

4. Make sure that #SNI is enabled in the #server.

SSLRandomSeed cannot occur within VirtualHost section

This article will guide you on how to fix SSLRandomSeed cannot occur within VirtualHost section which triggers when the #SSLRandomSeed directive is specified inside the #VirtualHost section. 

Send Syslog with SSL TLS to Nagios Log Server

This article will guide you on how to Send #Syslog with #SSL / #TLS to Nagios Log Server by encryption which ensures that the #traffic between the #Linux machine and Nagios Log Server is not sent in plain text.

Steps to create a Self-Signed SSL Certificate for Apache in CentOS 8

This article will guide you on how to configure #Apache to serve encrypted requests using a self-signed SSL certificate and to redirect unencrypted HTTP requests to #HTTPS. Self-signed #certificates or certificates issued by a private CAs are not appropriate for use with the general public. It can only properly verify the identity of the server when it is signed by a trusted third party because any attacker can create a self-signed certificate and launch a man-in-the-middle attack.

Secure Wamp Server How to do it effectively

This article will guide you on the different methods to secure #WAMP Server. Basically, WAMP provides support for #MySQL and #PHP. It can be used in production under condition that you install the secure WAMP #distro and it can run on #Internet and not just #intranet.

Send NXLogs with SSL TLS to Nagios Log Server

This guide will guide you on how to send NXLogs with SSL/TLS to #Nagios #Log #Server. Encryption ensures that the traffic between the #Windows machine and Nagios Log Server is not sent in plain text.

SSLSessionCache cannot occur within VirtualHost section

This article will guide you on the steps to resolve #SSLSessionCache cannot occur within #VirtualHost section issue. Basically, SSLSessionCache is a file-based #cache of established #SSL sessions.

Step by step process to Secure Apache with Lets Encrypt on CentOS 8

This article will guide you on the process to secure #Apache with Let’s Encrypt by installing Let's Encrypt #Certbot client, downloading #SSL #certificates for the #domain, and setting up automatic certificate renewal.

The objective of Let's Encrypt and the #ACME protocol is to make it possible to set up an #HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention.

Configure Jenkins with SSL using an Nginx

This article will guide you on how to configure #Jenkins with #SSL using an #Nginx reverse proxy. It is important to secure Jenkins with SSL to protect passwords and sensitive data transmitted through the #web interface.

YUM History command Ways to use it

This article will guide you on #YUM history #command in #Linux which provides a detailed history of YUM #transactions in order to find out information about installed packages and those that where removed/erased from a #system. 

The yum history command allows users to review information about a timeline of Yum transactions, the dates and times they occurred, the number of packages affected, whether transactions succeeded or were aborted, and if the RPM #database was changed between transactions.

304 not modified error Steps to fix it

An #HTTP 304 not modified status #code means that the website you're requesting hasn't been updated since the last time you accessed it.

Basically, your browser will save (or cache) web #pages so it doesn't have to repeatedly download the same information. This is an attempt to speed up page delivery. However, if this happens to your site, #visitors could be prevented from accessing your #web pages.

Apache error AH02572 Failed to configure at least one certificate and key

This article will guide you on the steps to resolve #Apache #error "AH02572: Failed to configure at least one #certificate and key" which happens due to improper #SSL configuration.

Enable OCSP stapling on Nginx Server

This article will guide you on the steps to configure OCSP stapling on the Nginx server.

VMWare vCenter Self-Signed Certificate Warning

This article will guide you on the steps to remove VMWare vCenter Self-Signed Certificate Warning.

Install and Configure Salt Master on Ubuntu

This article will give you a comprehensive guide on the steps to perform installation and configuration of Salt Master and Minion servers on Ubuntu which involves a series of steps that include installing the master daemon, initial master configuration, installing a separate minion, and configuring the Minion.

Configure Lets Encrypt on WAMP Server

This guide will guide you through the processes to set up Let's Encrypt in the WAMP server.

Steps to install OpenLiteSpeed on CentOS

This article will guide you on how to perform installation of OpenLiteSpeed on Centos Server.

Steps to install Wraith on Ubuntu

This article will guide you on how to install Wraith on Ubuntu which requires adding Ruby, ImageMagick, and some other dependencies added to the system.

Gradle Installation and Configuration on Linux

This guide will show the steps to install and configure Gradle on Linux and Windows.

How to fix OCSP SSL Certificate Stapling error

OCSP SSL Stapling error is usually triggered when accessing a website using https:// SSL protocol.

How to fix SSLSessionCache shmcb session cache not supported

SSLSessionCache: 'shmcb' error is usually triggered after upgrading the Apache from 2.2. to 2.4 version.

VestaCP Error Lets Encrypt validation status 400 error

VestaCP Let's Encrypt error status 400 occurs when trying to request Let’s Encrypt SSL for domains in a vestaCP control panel.

How to fix ssl_stapling ignored ssl error

ssl_stapling ignored Certificate error occurs when there are problems in the Certificate files experienced while trying to restart Nginx web server.

how to solve cURL error 60 SSL certificate problem

How to fix cURL error 60 ssl certificate problem which occurs when cURL cannot find any valid certificate to communicate securely over https.

Easy way to fix connection timed out error during http-01 challenge propagation in Kubernetes

Best fix to "Connection timed out" error during http-01 challenge propagation.

Solution to certificate routines X509_check_private_key key values mismatch

Main causes of  certificate routines X509_check_private_key key values mismatch in Apache web server  SSL Certificates.

Solution to sslv3 alert handshake failure

Easy method to fix SSLv3 alert handshake failure.

Solution to unable to write random state openssl error

Best methods to fix "unable to write random state" OpenSSL error.

Solution to SSLPassPhraseDialog builtin is not supported on Win32 error

Easy way to fix  SSLPassPhraseDialog builtin is not supported on Win32 error in relation to Apache web server.

Solution to err_ssl_protocol_error

Best method to fix err_ssl_protocol_error in an affected application or website.

Solve Apache error AH01276 Cannot serve directory

The solution to Apache server error No matching DirectoryIndex is here in this Article.


Solve 534 policy requires SSL server error

534 policy requires SSL server connection error triggers when you want to connect to the file manager of a website via an ftp client.

Fix Cloudflare error 526 Invalid SSL certificate

When a server's SSL/TLS certificate cannot be validated by Cloudflare Service then an SSL issue known as "error 526" occurs.

Easy fix to SQL error 5023

From time to time, we do receive SQL related server bugs queries of which one of it was "SQL error 5023".

This SQL error is very catastrophic and it tends to disrupt the SQL server when it is trying to start up.


To fix SQL Server Error 1225:

1. Click WindowsKey + R and enter services. msc.

2. Once Services opens scroll down and locate service SQL Server.

3. Highlight the service and click START.

4. Wait for the service to start and retry to connect to your MSSQL instance.

How to fix SSL error err sslversion or cipher mismatch

The error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs when a user's browser cannot establish a secure connection with a web server that uses #HTTPS and SSL. 

The issue may lie in the server configuration or locally on a user's #computer.

Also, the ERR SSL VERSION OR CIPHER MISMATCH error could be caused by certain security settings. 

Applying changes to the SSL might help you solve the annoying ERR SSL VERSION problem. 

Sometimes switching to another browser can be the easy fix you need.


To Fix ERR_SSL_PROTOCOL_ERROR:

1. Set correct system date, time & region.

2. Clear Chrome's cache and cookies.

3. Disable #QUIC Protocol.

4. Disable extensions.

5. Remove your system's hosts file.

6. Clear SSL State.

7. Lower your internet security and privacy level.

8. Disable your security tools for a moment.


Error such as Err_ssl_version_or_cipher_mismatch tend to pop up when there is a inappropriate configuration in the SSL certificate.

Easy way to convert cPanel SSL Certificate from PEM format to PFX

pem is a de-facto file format called Privacy-Enhanced Mail. These are interchangeable file extensions for the PKCS#12 format. 

Technically, PKCS#12 is the successor to Microsoft's PFX format, but they have become interchangeable. PKCS#12 files are archives for cryptographic material.

PKCS#12 (also known as PKCS12 or PFX) is a binary format for storing a certificate chain and private key in a single, encryptable file.

All SSL Certificates require a private key to work. The private key is a separate file that's used in the encryption/decryption of data sent between your server and the connecting clients.

A private key is created by you—the certificate owner—when you request your certificate with a Certificate Signing Request (CSR).

Basically, the default SSL file format used by apache web server is the PEM format. Whereas PFX files are used on MacOS and Windows systems to do export and import activities of private keys and certificates.

Install FortiClient VPN on Ubuntu 20.04 LTS - Step by step guide ?

This article covers how to install FortiClient VPN on Ubuntu 20.04 LTS. In fact, FortiClient is a security solution designed to reduce your computer's vulnerability. However, the FortiClient user interface itself only contains the vulnerability scan and a tab in which you can set up a VPN connection for remote access.

Install an SSL Certificate in Tomcat for a Java project in Linux

This article covers how to generate CSR files and install CA signed SSL certificates in Tomcat for Java projects.


The need to create a self-signed certificate ?

  • It allows you to learn to create a keystore and certificate, which is good practice for getting an actual SSL/TLS certificate provided by a Certificate Authority.
  • It allows you to use a certificate right away and make sure it works successfully.
  • It's free.

Generate CSR (Certificate Signing Request) in Linux ?

This article covers the process of creating a CSR file in any Linyx system which is very necessary before applying for an SSL certificate from a Certificate Authority(CA). In fact, Certificate Signing Request(CSR) is a block encrypted text which is given to Certificate Authority when applying for SSL Certificate. Generation of Certificate Signing Request(CSR) for Secure Sockets Layer(SSL) is common in Linux on various distributions. 

CSR is generated on the server, it stores information relating to the organization, domain name, country, a city which is to be included in the certificate.  The CSR Certificate can be used on any website whenever it is necessary to encrypt communications. To generate an SSL certificate, CSR certificate has to be generated. To obtain a self-signed SSL Certificate, it is necessary to create CSR, after generating submit it to a certificate authority to acquire an SSL Certificate. 

Configure Nginx Server Block and Secure Nginx with Let's Encrypt SSL on Rocky Linux 8 / CentOS 8

This article covers how you can configure an Nginx server block and secure your web server using Let's Encrypt SSL. In fact, Let’s Encrypt SSL certificate is a digital certificate provided by Let’s Encrypt CA ( Certificate Authority) to secure a web server.


How to Install Certbot on your RHEL-based distros / Linux system ?

1. First, install the EPEL repository which provides additional and high-quality packages for RHEL-based distros:

$ sudo dnf install -y epel-release

2. Once installed, install certbot and certbot module for Nginx:

$ sudo dnf install certbot python3-certbot-nginx

This installs certbot, certbot module for Nginx host of other packages and dependencies.

Install Vsftpd with SSL / TLS on Ubuntu 20.04 - Best Procedure ?

This article covers a complete guide on how to install Vsftpd with SSL/TLS on Ubuntu 20.04. In fact, sftpd (i.e. very secure FTP daemon) is an FTP server software for Linux and other Unix-like systems. An FTP server software facilitates the transfer of files from a client computer to the server and vice versa.

Encrypt Apache Webserver with Let's Encrypt SSL Certificate on Rocky Linux 8 - How to do it ?

This article covers how to secure your Apache webserver with Let's Encrypt SSL certificate. In fact, Let's Encrypt SSL certificates are yet another option for securing your web site with an SSL. Once installed, the system provides automatic renewal of certificates and will encrypt traffic to your web site.

Configure HTTP/2 in Nginx on Ubuntu 20.04 - Best way to do it ?

This article covers how to enable HTTP/2 on the Nginx webserver on Ubuntu 20.04. In fact, the primary focus of HTTP/2 is to reduce overall web page loading time, thus improving performance. It also focuses on network and server resource usage as well as security because, with HTTP/2, SSL/TLS encryption is mandatory.

If the Nginx server is sitting behind a web application firewall, ensure that the web application firewall (WAF) is capable of parsing HTTP/2 traffic.

HTTP/2 protocol main advantage over its predecessor HTTP 1.1 is that it has a higher transfer speed required for content-rich websites.

Top 7 Best Free SSL Certificate Services

This article covers a detailed review of the leading SSL certificate provision services in the market. Many SSL certificate providers offer brilliant security and privacy-related services but at a hefty cost. However, in this article, we discuss the SSL certificate providers that offer their World Wide Web protection services either for free or offer free trials so that users can acquaint themselves with the services to make the best decisions for their products, or their organizations. Let's Encrypt and SSL For Free offer free SSL certification for all, whereas Comodo, Cloudfare, HubSpot, GeoTrust, and GoDaddy offer free trials varying between the free trial periods ranging from 14 days for up to 30 days.

Website security is a top concern for site owners and visitors alike. If your site isn't secure, people won’t feel safe browsing, purchasing, making clicks, or entering any information on your pages.

Install Thunderbird on Ubuntu 20.04 - Best Method ?

This article covers the three different methodologies of installing Thunderbird in Ubuntu. Thunderbird is available for various distributions like macOS, Linux, Microsoft Windows etc. thereby making it a cross platform application.

To Install Thunderbird through apt:

1. First update Ubuntu repository,

$ sudo apt update

2. Now, to install Thunderbird issue the following in terminal,

$ sudo apt install thunderbird

3. Lastly, Thunderbird can accessed either through System's main Menu or from terminal (Run "thunderbird" in terminal to run the application).

Install the Let's Encrypt Certificate Using Certbot in Ubuntu 20.04 - How to do it on Nginx web server ?

This article covers how to install Certbot, to get let's encrypt certificates. SSL/TLS encryption is an integral part of the network infrastructure. Any web and mail server allows you to enable data encryption.

To begin, you must have a domain name. Its DNS A-record must contain the public address of your server. If the firewall is enabled, open access for HTTP and HTTPS traffic:

$ sudo ufw allow 80
$ sudo ufw allow 443


To Install the "Let's Encrypt" package on Ubuntu:

1. Run the command below to install Let's Encrypt.

$ sudo apt install letsencrypt

2. Check the "certbot.timer" utility for automatic certificate renewal.

$ sudo systemctl status certbot.timer

Secure Nginx with Let's Encrypt on Ubuntu 18.04 - How to do it ?

This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also, you will learn how to set up a cronjob for automatic certificate renewal.

Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. 


To Install Certbot on Ubuntu:

1. First, add the repository.

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Nginx package with apt:

$ sudo apt install python-certbot-nginx

Secure Nginx with Let's Encrypt on Debian 9 - How to do it ?

This article covers how to install certbot client, obtain Let's Encrypt SSL certificate and configured to Nginx to use the certificates. Also you will learn how to set up a cronjob for automatic certificate renewal.


To install the Certbot software on Debian:

1. Update your package list.

$ sudo apt update

2. Next, install the dependencies for the python3-certbot-nginx package, which include the python3-acme, python3-certbot, python3-mock, python3-openssl, python3-pkg-resources, python3-pyparsing, and python3-zope.interface packages.

$ sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface

3. Finally, install the python3-certbot-nginx package:

$ sudo apt install python3-certbot-nginx

Secure Nginx with Let's Encrypt on CentOS 7 - How to do it ?

This article covers how to use the certbot Let’s Encrypt client to obtain a free SSL certificate and use it with Nginx on CentOS 7. 

Let's Encrypt is a new Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. 

Currently, the entire process of obtaining and installing a certificate is fully automated on both Apache and Nginx web servers.


To Install the Certbot Let's Encrypt Client:

1. Enable access to the EPEL repository on your server by typing:

$ sudo yum install epel-release

2. Once the repository has been enabled, you can obtain the certbot-nginx package by typing:

$ sudo yum install certbot-nginx


How to Install Nginx on CentOS ?

1. To install Nginx, run the command:

$ sudo yum install nginx

2. Then, start Nginx using systemctl:

$ sudo systemctl start nginx


How to configure firewall on CentOS ?

If you have a firewall enabled, make sure port 80 and 443 are open to incoming traffic.

1. If you have a firewalld firewall running, you can open these ports by typing:

$ sudo firewall-cmd --add-service=http
$ sudo firewall-cmd --add-service=https
$ sudo firewall-cmd --runtime-to-permanent

2. If have an iptables firewall running, the commands you need to run are highly dependent on your current rule set. For a basic rule set, you can add HTTP and HTTPS access by typing:

$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT

Secure Apache with Let's Encrypt on Ubuntu 18.04 - How to do about it ?

This article covers how to install Let’s Encrypt SSL on Ubuntu 18.04 by using Certbot. Enabling an encrypted connection to the web server is fundamental because it allows you to use the secure HTTPS protocol for your website. Let's Encrypt, a Certification Authority issues a free certificate completely in line with the required security standards. Let's Encrypt simplifies the process for installing the security certificate to help even the less experienced user secure a website through the use of the Certbot client.


To Install Certbot client on Ubuntu:

1. First, add the Certbot repository:

$ sudo add-apt-repository ppa:certbot/certbot

You'll need to press ENTER to accept.

2. Install Certbot's Apache package with apt:

$ sudo apt install python-certbot-apache

Secure Apache with Let's Encrypt on CentOS 7 - Step by Step Process ?

This article covers how to secure Apache with Let's Encrypt SSL on CentOS 7 using Certbot client. Also, you will learn how to set up a cronjob for automatic certificate renewal. Basically, A security certificate is critical for securing traffic sent from web browsers to web servers. Let's Encrypt certificate is a free, open and automated certificate authority that you can use to encrypt your site. The certificate expires after every 90 days and auto-renews at absolutely no cost.


To Install Certbot in CentOS 8.

Certbot is a client that automates the installation of the security certificate. It fetches the certificate from Let's encrypt authority and deploys it on your web server without much of a hassle.

1. Before downloading certbot, first, install packages that are necessary for the configuration of an encrypted connection:

$ sudo dnf install mod_ssl openssl

2. Download certbot using the curl command:

$ sudo curl -O https://dl.eff.org/certbot-auto

3. Next, move the certbot file to the /usr/local/bin directory and assign the execute file permissions:

$ sudo mv certbot-auto /usr/local/bin
$ sudo chmod 755 /usr/local/bin/certbot-auto


To Assign the permissions to the Document root of a domain:

$ sudo chown -R apache:apache /var/www/domain.com

For the changes to come into effect, restart the Apache service:

$ sudo systemctl restart httpd

Use Let's Encrypt To Secure Apache2 On Ubuntu - How to do it ?

This article covers method to Secure Apache with Let's Encrypt on Ubuntu 20.04. Let's Encrypt is a certificate authority created by the Internet Security Research Group (ISRG).

It provides free SSL certificates via a fully automated process designed to eliminate manual certificate creation, validation, installation, and renewal.

Certificates issued by Let's Encrypt are valid for 90 days from the issue date and trusted by all major browsers today.


To install Certbot on Ubuntu:

Certbot is a command-line tool that automates the tasks for obtaining and renewing Let’s Encrypt SSL certificates. 

The certbot package is included in the default Ubuntu repositories. 

Update the packages list and install certbot using the following commands:

$ sudo apt update
$ sudo apt install certbot

Before enabling the configuration files, make sure both mod_ssl and mod_headers are enabled by issuing:

$ sudo a2enmod ssl
$ sudo a2enmod headers

Next, enable the SSL configuration files by running the following commands:

$ sudo a2enconf letsencrypt
$ sudo a2enconf ssl-params

Enable the HTTP/2 module, which will make your sites faster and more robust:

$ sudo a2enmod http2

Reload the Apache configuration for changes to take effect:

$ sudo systemctl reload apache2

Install Microsoft PowerShell in Ubuntu 20.04 - How to perform this task ?

This article covers the different methods for installing Microsoft PowerShell on Ubuntu which includes installation via package repository, via .deb package, and via snap. 

PowerShell for Linux is published to package repositories for easy installation and updates. 

As superuser, register the Microsoft repository once. 

After registration, you can update PowerShell with sudo apt-get install powershell.


To install PowerShell on Ubuntu 20.04:

PowerShell for Linux is published to package repositories for easy installation and updates.

So do the following;

1. # Update the list of packages.

$ sudo apt-get update

2. # Install pre-requisite packages.

$ sudo apt-get install -y wget apt-transport-https software-properties-common

3. # Download the Microsoft repository GPG keys.

$ wget -q https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb

4. # Register the Microsoft repository GPG keys.

$ sudo dpkg -i packages-microsoft-prod.deb

5. # Update the list of products.

$ sudo apt-get update

6. # Enable the "universe" repositories.

$ sudo add-apt-repository universe

7. # Install PowerShell.

$ sudo apt-get install -y powershell

8. # Start PowerShell.

$ pwsh

As superuser, register the Microsoft repository once.

After registration, you can update PowerShell with sudo apt-get install powershell.


To remove PowerShell from Ubuntu:

Run the command,

$ sudo apt-get remove powershell


How to Launch PowerShell on Linux or Mac?

1. Open a terminal and run the "powershell" command to access a PowerShell shell environment. 

2. This works on both Linux and Mac–whichever you're using. 

3. You'll see a PowerShell prompt beginning with "PS", and you can run PowerShell cmdlets just as you would on Windows.

Commands to list installed rpm packages on Linux

This article will guide you on the different commands to list all installed rpm packages on CentOS, RHEL (Red Hat Enterprise Linux), SUSE/OpenSUSE and other rpm based distros using rpm and dnf/yum command that print a list of all installed packages on your distro.

Setting up Let's Encrypt SSL for domains hosted on an Apache web server based on CentOS 7

Let's Encrypt has gained popularity because they offer free SSL for millions of websites all over the world. They are a non-profit certificate authority run by Internet Security Research Group (ISRG) that provides X. 509 certificates for Transport Layer Security (TLS) encryption free of charge. The certificate is usually valid for 90 days after which is expires pending when it is renewed.

Who We Are ?

Most prominent, efficient, and well-performing IT companies and software solutions.

Related Posts