Kubernetes – Don't knock it till you try it!
Kubernetes. The swiss army knife with a built in steroids dispenser, a hammer, starbucks and a full size tennis court.
Read moreThis is an overview of a simple way to create a self signed TLS key pair. Particularly how to create the TLS files and convert the key file to the PKCS8 format.
According to the definition on wikipedia, Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The connection is private (or secure) because symmetric cryptography is used to encrypt the data transmitted.
It’s amazing how annoying it is to try to find a tutorial that shows how to create self signed certificate in the specific formats required for Graylog2. In my case I needed an x509 cert with a PKCS8 formatted key to enable secure connection between graylog logging servers.
I like one liners and once I got a set of commands that worked, I made it as condensed as possible… could even be a one liner.
Here it is:
#Generate new key and create a self signed certificate:
openssl req \ -x509 \ -nodes \ -days 365 \ -newkey rsa:4096 \ -keyout selfsigned.key.pem \ -out selfsigned-x509.crt \ -subj "/<a rel="nofollow noopener noreferrer" href="http://c%3Dus/ST=WA/L=Seattle/CN=scaleup.us/[email protected]" target="_blank">C=US/ST=WA/L=Seattle/CN=example.com/[email protected]</a>"
Output:
#Convert PEM key to PKCS8 format: openssl pkcs8 \ -topk8 \ -inform PEM \ -outform PEM \ -in selfsigned.key.pem \ -out selfsigned-pkcs8.pem
Ouptut:
Thats it. Just change the parameters in the subject. both of these commands can be chained into a one liner, but it’s easy enough to just run them separately.
Stay secure out there.
boohooKubernetes. The swiss army knife with a built in steroids dispenser, a hammer, starbucks and a full size tennis court.
Read moreScript kitties are relentless. Your servers are under constant attack and for me, I find it fun to watch the attack attempts in my logging server with a glass of Malbec at sunset.
Read moreYour infrastructure ONLY as strong as your weakest link. TL;DR – See solution in docker compose
Read moreIf you are a DevOps engineer, systems engineer or SRE, it’s invaluable to have a lab environment that gives you free space to explore, build, break, fix, break, refactor, rebuild… and rebuild any part of the infrastructure you wish to work on.
Read moreThis error can be annoying but the fix is pretty easy. This usually occurs when you kick off an update of a plugin or theme and navigate away from the update progress page before the update completes.
Read moreThis is an overview of a simple way to create a self signed TLS key pair.
Read more