How to get one SSL certificate working for domain.com and www.domain.com without any warnings ?

I am writing this post, since one of our admin suggested to purchase wild card SSL certificate when a customer reported issues with SSL installation on www.domain.com when he actually purchased domain.com ’s SSL certificate. And the issue was escalated when the admin couldn’t get it working and customer of our client started threatening to cancel. “domain.com” is a subdomain of “.com”, so the wildcard that would work for it would be “*.com”. This is why a cert for *.domain.com works for “www.domain.com” but not, “www.sub.domain.com” or “domain.com”.

Solution which should have been suggested was UCC certificates and not Wildcard SSL certificates. From GoDaddy’s KnowledgeBase at http://help.godaddy.com/article/3908 here is the definition for UCC or Multi domain certificates.

Unified Communications Certificates (UCC) are SSL Certificates that secure multiple domains and multiple hostnames within a domain. They allow you to secure up to 100 domain names in a single certificate and can consolidate all your secure domains into one certificate.

I believe UCC works based on subjectAltName directive of openSSL, which you can read more about at http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_

Upto 5 domains, it will cost $90 and with GoDaddy’s coupon codes you may be able to get it with 10 to 20% discounts We are no way affiliated to GoDaddy or NoDaddy. But not sure of other providers who gives UCCs at lower rate. If you are aware of one, please feel free to comment!

However we had to make it work for the customer and we did it. Since it was a cPanel server having EasyApache 3, we had to do custom modification for the virtualhosts inorder to make sure that it worked even after the changes are made. How to do that will be in one of the next posts, soon.

rar and unrar archives in linux

Rar archived files are very common these days and we have a solution for rar file extraction and compression in linux. To extract rar files we have the unrar application.

To use unrar to extract use the following commands:
unrar e <filename.rar> use this to unpack the rar file in current directory
unrar l <filename.rar> use this to list the files inside the archive
unrar x <filename.rar> use this to extract the files with the full path
unrar t <filename.rar> use this to test the integrity of archive

Now for those who wish to compress files into the rar archived format, we have the rar application and the following commands will come in handy:

rar a <desired filename.rar> <path of directory to archieve> use this to create a normal compressed rar archieve
rar a <desired filename.rar> <path to file1> <path to file2> <path to file3> … use this more multiple individual files to be archived into a sigle rar file.
rar a -p<password> <desired filename.rar> <path to dir or file> use this to password protect the rar files
rar a -m<level of compression 1-least 5-best> -v<size of each rar file> <desired filename.rar><path to dir or file> use this to split the file to a number of rar archived files of desired size.

Now to get all this and install the rar and unrar application, proceed with the following commands:

wget http://www.rarlab.com/rar/rarlinux-3.6.0.tar.gz
tar -zxvf rarlinux-3.6.0.tar.gz
cd rar
cp rar unrar /bin

Chapter 10 Editing files in Linux.

There are several tools available in Linux to edit a regular file. The most popular and user text file editor is VI, and VI Modified is called VIM.

file – use file command to know the file type
vi  is very hard to learn, but really powerful

Either learn VI or learn Unix :-

VI:- VI is a vey powerful text editor. The name vi is derived from the shortest unambiguous abbreviation for the command visual in ‘ex”; the command in question switches the line editor ex to visual mode.

The VI has three mode

• Command Mode – simple one/two letter commands
• Edit Mode – Allows to append and insert text
• Ex Mode – allows to execute commands

Going back and forth modes requires to go to command modeby pressing escape.

Command Mode:-

Arrow keys – hjkl
w – moves cursor forward by a word
b – moves cursor backward by a word
0,$ – beginning and end of line
Ctrl + f , Ctrl + b – Page UP, Page Down
Home – gg
End – G
:25, 25G – to the 25th line
% – matching braces

1. Insertion

Insertion – I, i
Append – A, a
Insertion on a new line – O, o

2. Deletion

Delete a single character under cursor – x
Delete a single character left of cursor – X
Delete all the stuff from cursor to end of line – D
delete 10 words – 10dw , d10w
Replace a single character – r
Undo the last change – u
To repeat last command – .
To join two lines together – J

3. Search in command mode

Search for a word downwards – /word_to_search
Search for a word upwards – ?word_to_search
Repeat the previous search forward – n
Repeat the previous search backward – N

4. Search and Replace in ex mode

Change a single character – r
Replace mode by typing over – R
Search and replace first occurence of old_word with new_word in the entire file – :%s/old_word/new_word/
Search and replace first occurence in the current line – :s/search/replace/
Search and replace all occurences in the entire file – :%s/search/replace/g
Search and replace all occurences in current line – :s/search/replace/g
Search and replace the first occurence of old_word between n1 and n2 with new_word – :n1,n2s/old_word/new_word/
Search and replace all occurences of old_word between n1 and n2 with new_word – :n1,n2s/old_word/new_word/
Search and replace all occurences of old_word with new_word, but prompt for confirmation – :1,$s/old_word/new_word/gc

5. Cut/Copy/Paste

Cut the entire line – dd
Copy the entire line – yy
Cut the word from the current cursor position to its end – dw
Paste – p, P
Swap the adjacent lines – ddp
Cut 10 lines – 3dd

6. Exiting VI

Save in ex mode – :w
Exit in ex mode – :q
Forcefully save in ex mode = :w!
Forcefully exit in ex mode, when a change is made accidentally = :q!
Save and Exit in command mode – ZZ
Save and Exit in ex mode – :wq,
Save and Exit in ex mode forcefully : wq!

7. Advanced VI to ponder with

:map to map the new defined command to a sequence of commands or keystrokes
:map Ctrl+v_Ctrl+v_Space Ctrl+v_Ctrl+f means pressing space will enable page down.  Ctrl + v is to input a special character such as Esc.
Encryption – :X and disable encryption :set key=

So “Either learn VI or learn Unix”

Chapter 9 Advanced Linux commands!

Let’s go advanced ! Here are some advanced linux commands to list the hardware details..

Device Identification commands:-

/usr/src/linux/Documentation/devices.txt

hardinfo

hwinfo – Shows detailed information about any hardware.

Usage –> hwinfo –help

=================================
O/p of hwinfo –mouse command ran on a laptop with touchpad and a ps/2 optical mouse connected to a USB port using a PS/2-USB converter

hwinfo –mouse
38: USB 00.1: 10503 USB Mouse
[Created at usb.122]
UDI: /org/freedesktop/Hal/devices/usb_device_a81_205_noserial_if1
Unique ID: iVWJ.8QOQCbci8S5
Parent ID: pBe4.vfMN5defVA1
SysFS ID: /devices/pci0000:00/0000:00:1d.1/usb2/2-1/2-1:1.1
SysFS BusID: 2-1:1.1
Hardware Class: mouse
Model: “CHESEN PS2 to USB Converter”
Hotplug: USB
Vendor: usb 0×0a81 “CHESEN”
Device: usb 0×0205 “PS2 to USB Converter”
Revision: “0.10″
Compatible to: int 0×0210 0×0015
Driver: “usbhid”
Driver Modules: “usbhid”
Device File: /dev/input/mice (/dev/input/mouse1)
Device Files: /dev/input/mice, /dev/input/mouse1, /dev/input/event3, /dev/input/by-id/usb-CHESEN_PS2_to_USB_Converter-event-mouse, /dev/input/by-path/pci-0000:00:1d.1-usb-0:1:1.1-event-mouse, /dev/input/by-id/usb-CHESEN_PS2_to_USB_Converter-mouse, /dev/input/by-path/pci-0000:00:1d.1-usb-0:1:1.1-mouse
Device Number: char 13:63 (char 13:33)
Speed: 1.5 Mbps
Module Alias: “usb:v0A81p0205d0010dc00dsc00dp00ic03isc01ip02″
Driver Info #0:
Buttons: 5
Wheels: 1
XFree86 Protocol: explorerps/2
GPM Protocol: exps2
Config Status: cfg=new, avail=yes, need=no, active=unknown
Attached to: #33 (Hub)

42: ADB 00.0: 10502 Bus Mouse
[Created at input.159]
UDI: /org/freedesktop/Hal/devices/computer_logicaldev_input
Unique ID: kZYT.9XB1QYZ8Aa7
Hardware Class: mouse
Model: “Apple Macintosh mouse button emulation”
Vendor: int 0×0100 “Apple”
Device: int 0×0300 “Macintosh mouse button emulation”
Compatible to: int 0×0210 0×0003
Device File: /dev/input/mice (/dev/input/mouse0)
Device Files: /dev/input/mice, /dev/input/mouse0, /dev/input/event0
Device Number: char 13:63 (char 13:32)
Driver Info #0:
Buttons: 3
Wheels: 0
XFree86 Protocol: explorerps/2
GPM Protocol: exps2
Config Status: cfg=new, avail=yes, need=no, active=unknown

44: PS/2 00.0: 10500 PS/2 Mouse
[Created at input.159]
UDI: /org/freedesktop/Hal/devices/platform_i8042_i8042_AUX3_port_logicaldev_input
Unique ID: AH6Q.845qvaQafo3
Hardware Class: mouse
Model: “SynPS/2 Synaptics TouchPad”
Vendor: int 0×0212
Device: int 0×0001 “SynPS/2 Synaptics TouchPad”
Compatible to: int 0×0210 0×0003
Device File: /dev/input/mice (/dev/input/mouse2)
Device Files: /dev/input/mice, /dev/input/mouse2, /dev/input/event4, /dev/input/by-path/platform-i8042-serio-4-event-mouse, /dev/input/by-path/platform-i8042-serio-4-mouse
Device Number: char 13:63 (char 13:34)
Driver Info #0:
Buttons: 3
Wheels: 0
XFree86 Protocol: explorerps/2
GPM Protocol: exps2
Config Status: cfg=new, avail=yes, need=no, active=unknown

=================================

MAKEDEV and mknod – mentioned earlier

lspci – list devices using Peripheral Component Interconnect bus. Options to check out is lspci -t and -v
lsdev  – options to check are -P, -H, -C
lsusb – lsusb is a utility for displaying information about USB buses in the system and the devices connected to them.
lssci – lists your scsi devices
hdparm – display drive geometry
dmidecode – Reports information about your system’s hardware as described in your system BIOS, overriding the information kernel gives you inside /proc

Chapter 8 File types in Linux.

” On a UNIX system, everything is a file, if something is not a file, it is a process. “Most of the files in linux , say regular files have normal data, eg some text files, executable files/programs, input and output to or from a program and so on.

File Types:-

Ordinary -> text, ./binary, .images, html and conf files
Directory -> Also known as folders
Special/Device File ->
Hardware Devices –> /dev/lp0 , /dev/hda1, /dev/sda1, /dev/fd0
Logical Devices –> /dev/null , /dev/zero
Links -  Hardlinks and SoftLinks + Difference of Hardlinks & SoftLinks
Sockets – A socket refers to a special file with which communication between locally running processes happens
FIFOs Or Named Pipes – act more or less like sockets and form a way for processes to communicate with each other, without using network socket semantics

FIFO is a one way communication pipe, while Unix domain sockets (otherwise called as IPC Sockets) are two way communication pipes

# ls -l  /dev/console
crw——- 1 root root 5, 1 2008-03-30 17:45 /dev/console

-    Regular file
d    Directory
l    Link
c    Special file
s    Socket
p    Named pipe

The maximum number of characters for a file name is 255
Use backslash for special characters
CaseSensiTivty for files : The Files in linux are case sensitive. File a and file A are two different files.

Color codes:-

blue    directories
red    compressed archives
white    text files
pink    images
cyan    links
yellow    devices
green    executables
flashing red    broken links

Suffix Schemes:-

nothing    regular file
/    directory
*    executable file
@    link
=    socket
|    named pipe

PathNames:-

Relative Path :- The relative path is the path to the destination file/directory from the current location (pwd). eg : cd ../var/www

Absolute path :- The relative path is the full path to the destination file/directory from the ‘/’. eg : vi /home/indisages/files
The maximum length of PathNames including slashes is  4096

Permissions:- The behavior of a file/directory to a particular user totally depends on the permission assigned to it.

rwx and octal/numerical representations
chmod
chgrp
umask for directories and files

Special Modes in Permission:-

Sticky bit – t, eg –> ls -ld /tmp
Set UID – When this mode is set on an executable file, it will run with the user and group permissions on the file instead of with those of the user issuing the command, thus giving access to system resources. eg : /usr/bin/passwd and /etc/passwd
Set GID – Same as SUID, but applies to group. eg : ls -l /usr/bin/write /usr/bin/bsd-write /dev/pts/1