Mar 14 2014

ProxmoxVE: Proxy PVE GUI with NigNX configuring HTTPS on Standard port.

With the release of PVE 3.0, the Proxmox VE Web-Interface does no longer require Apache.
Instead using a standard WebServer, Proxmox team is now proud to use a new event-driven API-Server called ‘pveproxy’ listening on TCP Port 8006 and delivering contents via HTTPS using a self-signed certificate.

Proxying pveproxy behind NgiNX will prevent direct access to the event-driven API-Server, let the administrator to (optionally) add a second layer HTTP authentication, to configure a standard HTTPS TCP port to reach the admin panel and to use his own SSL certificates.
Continue reading


Dec 7 2011

SMTP AUTH Connection Tests

When configuring an OutBound SMTP Relay, it is important to restrict the access to owned / authorized networks or to specific users with authentication (to not be used as ‘OpenRelay Server for garbage submission).

For this reason it is important to know how-to check if the Authentication Mechanism is working perfectly.
Continue reading


May 20 2011

CACert.org, OpenSSL & SSL Certificates.

SSL works by way of certificates. A CA (Certificate Authority) has a private key which they can then use to sign other certificates.

If a self-signed certificate from the CA is made available to somebody who wishes to check any given certificate, that client can use the self-signed certificate to validate the signature on any other certificate signed by the CA.

Continue reading


May 18 2011

Most Common OpenSSL Commands

One of the most versatile SSL tools (the default toolkit installed in Linux distributions) is OpenSSL which is an open source implementation of the SSL protocol. OpenSSL is commonly used to create the CSR and private key for many different platforms.

OpenSSL has hundreds of different functions to, for example, view the details of a CSR or certificate, compare an MD5 hash of the certificate and private key (to ensure they match), convert the certificate to a different format and so on.

Continue reading


May 3 2011

WordPress SSL Login & Admin

This is “the right way” to enable WordPress Administration & Login over SSL (assuming SSL is Configured and Running in the Hosting machine).

Don’t try to play with Redirect in Apache configuration, WordPress 2.6 and later has greatly improved support for administration over SSL out of the box.

There are two constants definable in wp-config.php file:

  1. FORCE_SSL_LOGIN (force all logins over SSL)
  2. FORCE_SSL_ADMIN (force all logins and admin sessions over SSL)

 

This definitions must be placed (in wp-config.php file) before the line:

/* That's all, stop editing! Happy blogging. */

Here’s the code needed to force all logins and admin sessions to happen over SSL:

define('FORCE_SSL_ADMIN', true);