Archive for Tutorials

Create a Self-Signed Wildcard SSL Certificate with OpenSSL

The following guide creates a Self-Signed SSL Certificate for internal use with a validity of 1 year.
Sources used to create this guide:

Mozilla Wiki – SecurityEngineering/x509Certs
Medium – Create your own Certificate Authority

I used Raspberry Pi OS (bullseye) to create the SSL certificates.

Step 1 : Create the CA Private Key
openssl genrsa -des3 -out CAPrivate.key 2048

Step 2: Generate the CA Root certificate
openssl req -x509 -new -nodes -key CAPrivate.key -sha256 -days 365 -out CAPrivate.pem

Step 3 : Create a Private Key
openssl genrsa -out MyPrivate.key 2048

Step 4 : Generate the CSR
openssl req -new -key MyPrivate.key -extensions v3_ca -out MyRequest.csr

Step 5: Create extensions file to specify subjectAltName
Create an extensions file named: openssl.ss.cnf

File Contents of openssl.ss.cnf (replace *.mydomain.tld with your domain):

basicConstraints=CA:FALSE
subjectAltName=DNS:*.mydomain.tld
extendedKeyUsage=serverAuth

Step 6: Generate the Certificate using the CSR
openssl x509 -req -in MyRequest.csr -CA CAPrivate.pem -CAkey CAPrivate.key -CAcreateserial -extfile openssl.ss.cnf -out MyCert.crt -days 365 -sha256

Step 7: Install the Certificate / Private Key on your Web Server / Application
Read the manual of the Web Server / Application to install SSL certificates.

Step 8: Copy the CA Root certificate and import it in the proper Certificate Store of the OS/Application
[Windows] Copy CAPrivate.pem to computer, rename to CAPrivate.crt and import to Trusted Root Authorities Store.

Please read the following disclaimer before making changes to your device / software:

Disclaimer

* I'm not responsible for bricked devices, dead SD cards, thermonuclear war, or you getting fired because the alarm app failed.
* YOU are choosing to make these modifications, and if you point the finger at me for messing up your device, I will laugh at you.
* Your warranty will be void if you tamper with any part of your device / software.

 

QNAP NAS: Fix the Seagate “chirp” sound

Some weeks ago I bought a NAS from QNAP, the 2-bay TS-212 version.

Along with this device I purchased a 3TB Seagate HDD, model ST3000DM001.
On the QNAP website, I read that this particular HDD needed a firmware update to work properly.
My Seagate drive was packed with firmware CC4B, which for some reason was not eligible for updating to CC4H.

I decided to stick the HDD into the QNAP NAS and see what happens.
Initially I installed firmware version 3.8.0 on the QNAP NAS, last week I did the update to version 3.8.1 which went far from flawless.

The update failed the first (live-update) and second (manual update) time, but for some reason after the third time trying to install the update manually, it succeeded.

Now, with version 3.8.1 installed, I noticed a big annoyance.

It’s the terrible sound that the Seagate ST3000DM001 is making. Almost every time the NAS is trying to access the HDD, it makes a very loud “chirp” sound. It drove me crazy, and went to search for solutions, because it didn’t sound very healthy.

Read more

simple2ext (S2E) voor Cyanogenmod 7.x

Om te beginnen een iets oudere tutorial afkomstig van m’n vorige blog, aangepast met de nodige updates.

Het betreft een tutorial voor het aanmaken van een SD-ext partitie op een micro SD kaart.
Ik heb hiervoor een 8GB Adata Class 6 micro SD kaart gebruikt.

Ik heb gekozen voor ongeveer 25% voor de ext3 partitie (+/- 2GB), en 75% voor de fat32 partitie.

Een kort stappenplan zoals ik het gedaan heb (er zijn meerdere mogelijkheden):

Benodigdheden:

  • Ubuntu met GParted (GNOME Partition Editor) op de PC
  • HTC Legend (rooted)
  • Cyanogenmod 7.x
  • micro SD kaart
  • S2E (simple2ext) gratis verkrijgbaar in de Google Play Store (voor meer info zie: XDA Developers – S2E topic)

Read more