Category: Linux

auto renew letsencrypt ssl apache on linux

For auto renew SSL certificate I added following code in crontab.

0 0 */10 * * certbot renew >> /logs/certbot-cron.log 2>&1

Log of certbot renew command.

[root@vps147238 ep]# certbot renew

Saving debug log to /var/log/letsencrypt/letsencrypt.log Processing /etc/letsencrypt/renewal/purabtech.com.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following certificates are not due for renewal yet: /etc/letsencrypt/live/purabtech.com/fullchain.pem expires on 2022-01-17 (skipped) (skipped) No renewals were attempted.

how to get free ssl certificate from letsencrypt

For getting a free SSL certificate you need SSH access to your server where you installed your application code.

Then follow commands and articles which will guide you to install the necessary application.

https://certbot.eff.org/lets-encrypt/centosrhel7-apache

After installing certbot to your machine. you need to run following command to generate SSL certificate.

certbot --apache certonly --cert-name purabtech.com -d purabtech.in

Open 443 and 80 port on linux VM

If your apache or Nginx or tomcat server is configured properly still your site is not opening then check firewall and port is opened on the internet.

Check the status of your firewall. use this command

firewall-cmd --state

running

Check which zones are active

[root@vps147238 purab]# firewall-cmd –get-active-zones
public
interfaces: eth0

Open port 80 and port 443 port.

firewall-cmd –zone=public --add-service=http

firewall-cmd --zone=public --add-service=https

firewall-cmd --zone=public --permanent --add-service=http

firewall-cmd --zone=public --permanent --add-service=https

firewall-cmd --reload

Now check port 80 and 443 opened

firewall-cmd --list-all

public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh https
ports: 80/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Solved: letsencrypt certbot KeyError: ‘Directory field not found’

While running certbot command I got following error:

[root@vps147238 letsencrypt]# certbot --apache certonly --cert-name purabtech.com -d purabtech.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): purab@test.in
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
An unexpected error occurred:
KeyError: 'Directory field not found'
Please see the logfiles in /var/log/letsencrypt for more details.

I am using centos 7.

Solution for this is run following command:

yum install python-certbot-apache -t stretch-backports

It solved my issue.

[root@vps147238 letsencrypt]# certbot --apache certonly --cert-name purabtech.com -d purabtech.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for purabtech.in
Performing the following challenges:
http-01 challenge for purabtech.in
Waiting for verification…
Cleaning up challenges

CentOS Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org An unexpected error occurred:

While running certonly command I got following error:
[root@vps147238 letsencrypt]# certbot --apache certonly --cert-name purabtech.com -d purabtech.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
An unexpected error occurred:
ConnectionError: (‘Connection aborted.’, gaierror(-2, ‘Name or service not known’))
Please see the logfiles in /var/log/letsencrypt for more details.

I solved this issue by doing following:

$vi /etc/letsencrypt/cli.ini

Put following code in that
server = https://acme-v02.api.letsencrypt.org/directory

It solved my problem…

install redis docker on windows 10 and run

I am using docker desktop on windows 10 machine. I used the following commands to run Redis and used them in my application for Redis connection.

docker pull redis
docker run -p 6379:6379 --name some-redis -d redis

Following the code will help you. If Redis running properly.

you can go into Redis docker-machine.

docker exec -it some-redis /bin/bash

redis-cli ping

wsl issue code visual studio not working windows 10 ubuntu console

I installed docker desktop and ubuntu on windows 10. I followed the following tutorial:
https://code.visualstudio.com/docs/remote/wsl-tutorial

When I was trying to run on the ubuntu console. I got the following error:

/usr/share/code/bin/../code: error while loading shared libraries: libXss.so.1: cannot open shared object file: No such file or directory

I did not install VS code through the installer due of this error was coming.
Fix for this is.

Run this command on the Ubuntu console:

alias code="/mnt/c/NON-INSTALLED-SOFTWARES/VSCode-win32-x64-1.61.0/Code.exe"

This fixed my issue.

Without changing, ownership of folder give read-write permission Linux

If you want to give read and write permission to a folder in Linux os (fedora, centos, ubuntu then use the following command:

#setfacl -R -m u:YOUR_USERNAME:rwx FOLDER_NAME

This command will be helpful for other Linux users to change files and folders.

create self signed certificate for website and use in linux

Within in 5 minutes you can can create self signed certificate on linux machine. First you need to open console and execute following command. Before executing following command first check openssl utility is installed on your linux machine.

# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt

Then open your apache configuration file and put following code in that file.

NameVirtualHost *:443

#purabtech.in

  ServerAdmin purabtech@gmail.com
  DocumentRoot /home/purab/public_html/purabtech.in/
  ServerName purabtech.in

  <Directory "/home/purab/public_html/purabtech.in/">
    Order Deny,Allow
    Allow from all
    AllowOverride All
  

  ErrorLog logs/purabtech.in-error_log
  CustomLog logs/purabtech.in-access_log combined
  RewriteLog logs/purabtech.in-rewrite_log

  SSLEngine on
  SSLCertificateFile /home/purab/projects/purabtech.in/self-sign/mysitename.crt
  SSLCertificateKeyFile /home/purab/projects/purabtech.in/self-sign/mysitename.key
  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Additional:
For gettting pem certificate from ssl cert.
openssl x509 -in mysitename.crt -out mysitename.pem -outform PEM

delete some days old files and folder linux command

Linux systems are always used as server. Many times we need to cleanup the server. I found nice solution for deleting older files and folders from server without any issue.

For deleting files or folder you can use following command:

rm -rf `find /home/purab/* -type d -mtime +90`

Above command will find all files and folders which are created 90 days ago and delete those folders and files.

Before running above command be careful about directory path. please directory path. rm -rf command is always dangerous.

Above We used find command for searching all files in folder.

-mtime is used to calculate time.

If you want to keep only 5 latest folders on server than you can use following command.

ls -dt /home/purab/*/ | tail -n +6 | xargs rm -rf

Above command has three parts.