Configuring Apache with SSL

By abhishek

Apache is the most common web server in use nowadays. You have probably configured Apache many times by now, but what about configuring it with SSL, i.e. using Apache to serve over the HTTPS protocol? I assume you have already configured the basic Apache server and have also enabled the SSL module; if not, refer to my previous post on Configuring Apache Web server.

The following post is an extremely simplified step-by-step guide to configuring SSL in Apache using self-signed certificates. You can also use a real certificate issued by a CA if you have one.

Prerequisites

1) Apache with SSL module enabled
2) openssl installed

Step 1) Generate a Private Key

We will use the openssl toolkit to generate an RSA private key and a Certificate Signing Request. As the first step, generate the key; the command below creates a 1024-bit key, protected with 3DES.

abhishek@kashipur.in:~$ openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
......................++++++
..................................++++++
unable to write 'random state'
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:

Step 2) Generate a CSR (Certificate Signing Request)

Once the key is generated, you need to create a CSR (Certificate Signing Request) with the following command. During this process you will be asked to enter various parameters, as shown below.

abhishek@kashipur.in:~$ openssl req -new -key server.key -out server.csr

Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:UK
Locality Name (eg, city) []:Kashipur
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Kashipur Networks
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:kashipur.net
Email Address []:abhishek at kashipur dot net

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Step 3) Remove Pass phrase from Key

This step is completely optional. If you skip it, you will have to go to the server and enter the pass phrase every time the server restarts :). Use the following commands to get rid of this problem:

abhishek@kashipur.in:~$ cp server.key server.key.org
abhishek@kashipur.in:~$ openssl rsa -in server.key.org -out server.key

Enter pass phrase for server.key.org:
writing RSA key

Step 4) Generating a Self-Signed Certificate

Once you have your key and CSR ready, it's time to generate the certificate. Use the following command:

abhishek@kashipur.in:~$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Signature ok
subject=/C=IN/ST=UK/L=Kashipur/O=Kashipur Networks/CN=kashipur.net/emailAddress=abhishek at kashipur dot net
Getting Private key

Step 5) Copy Certificate and Key to Apache Folder

After following the steps above, you will have the following files:

abhishek@kashipur.in:~$ ls -l

-rw-r--r-- 1 abhishek abhishek 952 2009-06-12 14:30 server.crt
-rw-r--r-- 1 abhishek abhishek 704 2009-06-12 14:27 server.csr
-rw-r--r-- 1 abhishek abhishek 887 2009-06-12 14:29 server.key
-rw-r--r-- 1 abhishek abhishek 963 2009-06-12 14:28 server.key.org

Copy the crt and key files to a suitable location inside the Apache configuration folder, generally /etc/apache2/cert, using the following command:

abhishek@kashipur.in:~$ cp server.crt server.key /etc/apache2/cert

Step 6) Configure Apache with SSL

Once you have copied your certificate and key, modify your httpd.conf to reflect the following:

SSLEngine on
SSLCertificateFile /etc/apache2/cert/server.crt
SSLCertificateKeyFile /etc/apache2/cert/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Ensure Apache is listening on port 443; if not, add the Listen directive. After making these changes, preferably verify the configuration file using the following command:

abhishek@kashipur.in:~$ apache2ctl configtest
Syntax OK

Once you see Syntax OK you are ready to use https.

Step 7) Restart Apache and test

To apply the configuration changes you need to restart Apache, which can be done using the following command:

root@kashipur.in:~# service apache2 restart

or

root@kashipur.in:~# service httpd restart (in many cases)

Once you have restarted, test it by prefixing the URL with https://

Happy HTTPS :)
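
Steps 3, 5 and 6 together leave a key with no pass phrase, carrying the -rw-r--r-- mode from the ls -l listing, at the path Apache is told to load. The following is an added example, not part of the original post, that reads the SSLCertificateKeyFile directive from configuration text and reports both conditions; the function names, finding labels and the placeholder key file are assumptions made for illustration.

```python
import os
import re
import stat
import tempfile

KEY_DIRECTIVE = re.compile(r'^[ \t]*SSLCertificateKeyFile[ \t]+"?([^"\s]+)"?', re.I | re.M)
# Header text OpenSSL writes when a PEM private key is pass-phrase protected.
ENCRYPTED_MARKERS = ("Proc-Type: 4,ENCRYPTED", "BEGIN ENCRYPTED PRIVATE KEY")


def audit_key_files(conf_text):
    """Map each SSLCertificateKeyFile path in conf_text to a list of findings."""
    report = {}
    for path in KEY_DIRECTIVE.findall(conf_text):  # commented-out lines do not match
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
            with open(path, errors="replace") as fh:
                pem = fh.read()
        except OSError:
            report[path] = ["unreadable"]
            continue
        findings = []
        if mode & stat.S_IROTH:
            findings.append("world-readable")
        if mode & stat.S_IRGRP:
            findings.append("group-readable")
        if not any(marker in pem for marker in ENCRYPTED_MARKERS):
            findings.append("no-passphrase")
        report[path] = findings
    return report


def demo():
    """Constructed sample: a placeholder key with the 0644 mode seen in Step 5."""
    workdir = tempfile.mkdtemp()
    key = os.path.join(workdir, "server.key")
    with open(key, "w") as fh:
        fh.write("-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder)\n"
                 "-----END RSA PRIVATE KEY-----\n")
    os.chmod(key, 0o644)
    conf = "SSLEngine on\nSSLCertificateKeyFile %s\n" % key
    before = audit_key_files(conf)[key]
    os.chmod(key, 0o600)  # owner-only read/write
    after = audit_key_files(conf)[key]
    return before, after


if __name__ == "__main__":
    print(demo())
```

On a real server, pass the text of your httpd.conf to audit_key_files and tighten the key with chmod 600 if it is reported as group-readable or world-readable.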

Configuring BSNL EVDO Modem in Debian GNU/Linux

By abhishek

I recently shifted to Debian GNU/Linux (Lenny), and the first task included configuring my Internet connection. I use a BSNL EVDO modem to connect to the Internet, which is not recognized by default in Debian, so the following is the process by which I configured my BSNL EVDO in Debian.

Step 1) Checked for Modem, Vendor and Product ID

$ cat /proc/bus/usb/devices

You will find many entries in this; just check for your modem's entry. In my case I found:

T:  Bus=01 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#=  4 Spd=12  MxCh= 0
D:  Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs=  1
P:  Vendor=19d2 ProdID=fffe Rev= 0.00
S:  Manufacturer=ZTE, Incorporated
S:  Product=ZTE CDMA Tech

From this I know the following information:

Vendor=19d2
ProdID=fffe

Step 2) Detect modem (as root user)

# modprobe usbserial vendor=0x19d2 product=0xfffe

Note: prefixing the Vendor and ProdID values with "0x" is a must

Step 3) Replug The Modem

Check if it's detected using dmesg

# dmesg

[   14.280399] usbcore: registered new interface driver usbserial
[   14.280399] usbserial: USB Serial support registered for generic
[   14.280399] usbserial_generic 1-1:1.0: generic converter detected
[   14.280399] usb 1-1: generic converter now attached to ttyUSB0
[   14.280399] usbserial_generic 1-1:1.1: generic converter detected
[   14.280399] usb 1-1: generic converter now attached to ttyUSB1
[   14.280399] usbserial_generic 1-1:1.2: generic converter detected
[   14.280399] usb 1-1: generic converter now attached to ttyUSB2
[   14.280399] usbserial_generic 1-1:1.3: generic converter detected
[   14.280399] usb 1-1: generic converter now attached to ttyUSB3
[   14.280399] usbcore: registered new interface driver usbserial_generic
[   14.280399] usbserial: USB Serial Driver core

From this you know that your modem device is ttyUSB0.

Step 4) Install wvdial

# apt-get install wvdial

Step 5) Configure wvdial

Edit the wvdial configuration file (/etc/wvdial.conf). Below is my wvdial.conf; this should work for you as well.

# gedit /etc/wvdial.conf

[Dialer Defaults]
Modem = /dev/ttyUSB0
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Stupid Mode = on
Modem Type = Analog Modem
Phone = #777
ISDN = 0
Username = cdma
Password = cdma
Baud = 9600

Step 6) Connect :)

# wvdial

hey you are now connected.....

Step 7) Adding the Modem Detection @ startup

Edit /etc/modules and add the following:

usbserial vendor=0x19d2 product=0xfffe

# gedit /etc/modules (add the above line)

Note: wvdial runs as superuser; to enable it for a normal user you need to edit user permissions.
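
The module line in Steps 2 and 7 has to carry exactly the Vendor and ProdID values read in Step 1, and copying them by hand is where a wrong digit slips in. The following is an added example, not part of the original post, that derives the line from the text of /proc/bus/usb/devices; the function name is an assumption, and the first record in the sample is constructed, while the second is the one shown in Step 1.

```python
import re

# A constructed root-hub record followed by the modem record from Step 1.
SAMPLE = """\
T:  Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#=  1 Spd=12  MxCh= 2
P:  Vendor=1d6b ProdID=0001 Rev= 2.06
S:  Product=UHCI Host Controller
T:  Bus=01 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#=  4 Spd=12  MxCh= 0
D:  Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs=  1
P:  Vendor=19d2 ProdID=fffe Rev= 0.00
S:  Manufacturer=ZTE, Incorporated
S:  Product=ZTE CDMA Tech
"""

ID_LINE = re.compile(r"^P:\s+Vendor=([0-9a-fA-F]{4})\s+ProdID=([0-9a-fA-F]{4})")


def usbserial_options(devices_text, product_substring):
    """Return the usbserial module line for the first device whose Product matches."""
    ids = None
    for line in devices_text.splitlines():
        if line.startswith("T:"):  # a "T:" line opens each device record
            ids = None
        match = ID_LINE.match(line)
        if match:
            ids = match.groups()
        # Assumes the "P:" line precedes the "S:" lines, as in the listing above.
        elif line.startswith("S:") and "Product=" in line and ids:
            product = line.split("Product=", 1)[1]
            if product_substring.lower() in product.lower():
                return "usbserial vendor=0x%s product=0x%s" % ids
    return None


if __name__ == "__main__":
    print(usbserial_options(SAMPLE, "ZTE"))
```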

Tuz the new mascot for Linux

By abhishek

Tux, the Linux mascot, will take a break for a while: with the release of kernel 2.6.29, Tuz would be replacing Tux.

Tuz mascot for 2.6.29

Tuz is a Tasmanian Devil, which is a species in danger of becoming extinct. The Tasmanian Devil is native to Australia and during this year's Linux.Conf.Au conference it was decided that Tuz will stand in for Tux for one kernel release in order to raise awareness for this creature. Tux will return with the release of the Linux 2.6.30 kernel :).

 

What's in your MBR ??

By abhishek

The Master Boot Record, or MBR, is max 512 Kb but very essential. Have you ever looked at what your MBR contains? Most probably NO!! So try out the following 2 commands as root and check your MBR contents:

# dd if=/dev/hda of=mbr.bin bs=512 count=1
# od -xa mbr.bin

This will display your MBR; change hda to sda if you have an sda-type disk. You might not understand anything from my MBR's output at first, but a careful look is required to know what it is :)

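
To take that careful look at the single sector the dd command copies (bs=512 count=1), the following added example, not part of the original post, decodes the standard MBR layout: printable strings in the boot code, the four partition entries at offset 446 and the 0x55 0xAA signature at offset 510. The sector it parses is constructed for illustration, and the function names and the short partition-type table are assumptions.

```python
import re
import struct

SECTOR = 512
TYPES = {0x05: "extended", 0x82: "Linux swap", 0x83: "Linux"}  # small subset


def parse_mbr(sector):
    """Return printable boot-code strings and the used partition entries."""
    if len(sector) != SECTOR:
        raise ValueError("expected one %d-byte sector" % SECTOR)
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("no 0x55 0xAA boot signature at offset 510")
    # Boot code occupies the start of the sector; runs of printable ASCII in it
    # (loader name, error messages) hint at which boot loader is installed.
    strings = [s.decode("ascii") for s in re.findall(rb"[\x20-\x7e]{4,}", sector[:440])]
    partitions = []
    for slot in range(4):  # four 16-byte entries start at offset 446
        entry = sector[446 + 16 * slot:462 + 16 * slot]
        # status, 3 CHS bytes, type, 3 CHS bytes, start LBA, sector count
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0:  # type 0 marks an unused slot
            continue
        partitions.append({
            "slot": slot + 1,
            "bootable": status == 0x80,
            "type": TYPES.get(ptype, hex(ptype)),
            "lba_start": lba_start,
            "size_mib": count * SECTOR // (1024 * 1024),
        })
    return {"strings": strings, "partitions": partitions}


def sample_mbr():
    """Constructed sector: placeholder boot-code text and two partition entries."""
    sector = bytearray(SECTOR)
    sector[0x180:0x185] = b"GRUB "
    sector[446:462] = struct.pack("<B3xB3xII", 0x80, 0x83, 63, 2048000)
    sector[462:478] = struct.pack("<B3xB3xII", 0x00, 0x82, 2048063, 409600)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    # To inspect a real dump, read mbr.bin in binary mode instead of sample_mbr().
    print(parse_mbr(sample_mbr()))
```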