Archive for April, 2007

Generate wildcard certificates for ISA 2005 R2 with OpenSSL

Monday, April 9th, 2007

Generate key pair

openssl genrsa -out wildcard.domain.com.privkey.pem 1024

Generate certificate request

openssl req -new -key wildcard.domain.com.privkey.pem -out wildcard.domain.com.cert.csr

Make sure you enter *.domain.com when asked for common name.

From \OpenSSL\bin\PEM execute:

../openssl ca -cert <path>/CA.crt -in <path>/wildcard.domain.com.cert.csr -keyfile <path>/CA.key -days 3650 -out <path>/wildcard.domain.com.cert.cer

Export the certificate

openssl x509 -in wildcard.domain.com.cert.cer -out wildcard.domain.com.cert.x509.cer

Export the private key

openssl.exe pkcs12 -export -inkey wildcard.domain.com.privkey.pem -in wildcard.domain.com.cert.cer -out wildcard.domain.com.privkey.pfx

I suggest you use a password for this one :)
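As an added example (not from the original post), a POSIX shell script that generates the same key and CSR non-interactively, puts the wildcard into a subjectAltName as well as the CN, and verifies the CSR before it goes to the CA. The domain, file names and the 2048-bit key size are assumptions; -addext needs OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example: build the wildcard CSR without the interactive prompts and
# check it before signing. Domain and file names below are assumptions.
set -eu

DOMAIN="${DOMAIN:-domain.com}"          # assumption: replace with your zone
WORKDIR="${WORKDIR:-$(mktemp -d)}"      # assumption: scratch directory

# Generate a key and a CSR whose CN *and* subjectAltName carry the wildcard.
# Modern clients match names only against the SAN, so the CN alone (as in
# the 2007 recipe) is not enough. 2048-bit RSA replaces the 1024 of 2007.
make_wildcard_csr() {
    domain="$1"; key="$2"; csr="$3"
    openssl genrsa -out "$key" 2048 2>/dev/null
    openssl req -new -key "$key" -out "$csr" \
        -subj "/CN=*.${domain}" \
        -addext "subjectAltName=DNS:*.${domain},DNS:${domain}"
}

# Pre-signing check: succeed only if both the CN and the SAN of the CSR
# name the wildcard for the expected domain (a typo here means a useless
# certificate, and with a CA-signed wildcard, a misnamed one is a liability).
csr_has_wildcard() {
    domain="$1"; csr="$2"
    subj=$(openssl req -in "$csr" -noout -subject)
    san=$(openssl req -in "$csr" -noout -text \
          | grep -A1 'Subject Alternative Name' | tail -n1)
    # OpenSSL prints the subject as "CN = x" (1.1.1+) or "/CN=x" (older)
    case "$subj" in *"CN = *.${domain}"*|*"CN=*.${domain}"*) ;; *) return 1 ;; esac
    case "$san" in *"DNS:*.${domain}"*) ;; *) return 1 ;; esac
    return 0
}

make_wildcard_csr "$DOMAIN" \
    "$WORKDIR/wildcard.$DOMAIN.privkey.pem" "$WORKDIR/wildcard.$DOMAIN.cert.csr"
csr_has_wildcard "$DOMAIN" "$WORKDIR/wildcard.$DOMAIN.cert.csr" \
    && echo "CSR OK for *.$DOMAIN, ready for the CA step"
```

The CSR produced here is then fed to the `openssl ca` command above unchanged; the SAN extension is carried over only if the CA configuration copies extensions from the request.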

Follow this on how to import the certificate and the private key.

This entry is based on a how-to and an IIS how-to.

Redirect a path to different web server than the complete site using ISA 2005

Monday, April 9th, 2007

I'm forwarding HTTP requests for a domain www.abc.com to server A. I'd like to forward www.abc.com/def to server B.

I configured 2 web publishing rules for the same domain. The first one only includes the path def/, the second one includes *.

ISA behaved very strangely. No error message. Sometimes the path def/ worked, sometimes www.abc.com worked.

Virtual Machine running Gentoo on Virtual Server 2005 R2

Monday, April 9th, 2007

Environment: Windows Server 2003 R2, ISA Server 2005, Virtual Server 2005 R2, Network access through Loopback Adapters

Problem: Creation/Installation of a virtual machine running Gentoo

Steps

  1. Create Virtual Machine - configure disks
  2. Under General Properties
    • Select Run virtual machine under the following user account and provide username and password
    • Make sure it has access to the .vhd and .vnc files (e.g. C:\Documents and Settings\All Users\Documents\Shared Virtual Networks) (details).

      If not, I got the following error message in the EventLog (Virtual Server): The virtual machine "foo" cannot connect virtual network adapter 1 because either the virtual network is invalid or access was denied. This virtual network adapter will be left disconnected.

      The reason was that the user lacked privileges on the .vnc files.

  3. Mount the Gentoo ISO image
  4. Start the VM and follow the Gentoo Installation
  5. Edit make.conf. For my Core2 Duo E6600 I use
    CFLAGS="-O3 -march=nocona -pipe -fomit-frame-pointer"
  6. ln -s /usr/portage/profiles/default-linux/x86/2006.1 make.profile
  7. If you have an existing VM
    • copy /etc/kernels/kernel-config-*
    • genkernel --kernel-config=/etc/kernels/kernel-config-* all
  8. Kernel options to avoid clock skew (details)
    clock=pit
  9. emerge -u logwatch chkrootkit apache netpbm ffmpeg imagemagick ntp gallery virtual/mysql awstats logrotate
  10. configure rsync mirror server

Apache, Tomcat, Gentoo, SpringFramework, c3p0, jdbc-mysql

Sunday, April 8th, 2007

Environment: Gentoo, Apache-2.0.59, Tomcat-6

Problem: Need to configure Tomcat-6 behind Apache; custom applications (stadtplan and Mobile Geizhals) depend on some libraries.

Solution

Add c3p0 to your USE flags.

emerge c3p0 mod_jk jdbc-mysql

Edit /etc/conf.d/tomcat-6:

CLASSPATH=${CATALINA_LIBDIR}:`java-config -p commons-logging,c3p0,jdbc-mysql`

I could not find the SpringFramework in the portage tree. But adding it to the classpath is a bad idea anyway. I received the following error message:

Unable to load class for JSP

Just place the spring.jar into WEB-INF/lib of your application. Tips found on the web, like putting tools.jar into /usr/share/tomcat-6/lib/, don't help.

You need to put a proper .xml file into /etc/tomcat-6/Catalina/localhost/.xml. Just copy an existing one there.

Debugging

cat /var/log/tomcat-6/catalina.*.log
cat /var/log/tomcat-6/localhost.*.log

java-config -l

OpenWrt, DHCP and static IPs

Saturday, April 7th, 2007

Environment: OpenWrt on LinkSys WRT54GL

Problem: Configure static IPs in DHCP server

Solution: Edit /etc/ethers

# Machine Name (this is a comment)
#
xx:xx:xx:xx:xx:xx 1.2.3.4

Activation on OpenWrt

killall dnsmasq
rm /tmp/dhcp.leases
/etc/init.d/S60dnsmasq

Activation on Windows

ipconfig /renew

Debugging

tail /tmp/dhcp.leases
tcpdump -avn -i br0 not host and not host and not ip6

You should see the DHCP requests.