#OpenSSL Basics
##Certificate Types
- CA Certificate Authority
- CRL Certificate Revocation List
- CSR Certificate Signing Request
- DCA Deligate Certificate Authority
- DER Data Encryption Standard
- DES Data Encryption Standard
- DH Diffie-Hellmann
abuxton
/ .gitignore
Last active
July 22, 2022 15:07
— forked from croxton/SSL-certs-OSX.md
Generate ssl certificates with Subject Alt Names
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Created by https://www.toptal.com/developers/gitignore/api/ssl | |
| # Edit at https://www.toptal.com/developers/gitignore?templates=ssl | |
| *.csr | |
| *.pem | |
| *.key | |
| *.crt | |
| # End of https://www.toptal.com/developers/gitignore/api/ssl |
abuxton
/ openssl.markdown
Created
July 19, 2022 15:10
— forked from leommoore/openssl.markdown
OpenSSL Basics
abuxton
/ OpenSSL.md
Created
July 19, 2022 15:08
— forked from mohanpedala/OpenSSL.md
OpenSSL Working with SSL Certificates, Private Keys, CSRs and Truststores
abuxton
/ gist:f7f5cd1e0037e1f5caa99ed971fc55f6
Last active
February 7, 2022 14:52
debugging kubectl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://kubernetes.io/docs/tasks/debug-application-cluster/debug-running-pod/ | |
| https://kubernetes.io/docs/reference/kubectl/cheatsheet/ | |
| # examples | |
| kubectl -n terraform-cloud-agent get all | |
| kubectl -n terraform-cloud-agent logs terraform-cloud-agent-84546788bc-jfmtt -f #-f for follow | |
| kubectl -n terraform-cloud-agent logs terraform-cloud-agent-84546788bc-jfmtt terraform-cloud-agent | |
| kubectl -n terraform-cloud-agent describe pod terraform-cloud-agent-84546788bc-jfmtt |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = "us-east-1" | |
| ## uses default env_var from aws | |
| #AWS_ACCESS_KEY_ID="anaccesskey" | |
| #AWS_SECRET_ACCESS_KEY="asecretkey" | |
| #AWS_DEFAULT_REGION="us-west-2" | |
| } | |
| # Additional provider configuration for west coast region; resources can | |
| # reference this as `aws.alt`. |
Helper for looking for none documented flags in Replicateds Install script https://help.replicated.com/docs/native/customer-installations/installing-via-script/
Requires, egrep and grep (for no other reason than it was quick and dirty)
git clone https://gist.github.com/abuxton/c072112152c54dfcd53833053f729580 scrape_installer && cd scrape_installer
abuxton
/ README.MD
Last active
May 4, 2023 12:49
— forked from idokd/scrap-ca-to-bundle.sh
Scrape site for its certificates, validate and create a ca bundle, for the use in downloading a local copy of Certificate Authorities (CAs)
sript to scrape named url and ca_bundle files https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm
> git clone https://gist.github.com/abuxton/e76dfcc3c60215a200336e4262cff42a scrape-ca_bundle && cd scrape-ca_bundle
bash ./scrape-ca_bundle.sh $URL
abuxton
/ get_ca_bundle.py
Created
January 21, 2022 14:57
— forked from magnuswatn/get_ca_bundle.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def get_ca_bundle(): | |
| """Tries to find the platform ca bundle for the system (on linux systems)""" | |
| ca_bundles = [ | |
| # list taken from https://golang.org/src/crypto/x509/root_linux.go | |
| "/etc/ssl/certs/ca-certificates.crt", # Debian/Ubuntu/Gentoo etc. | |
| "/etc/pki/tls/certs/ca-bundle.crt", # Fedora/RHEL 6 | |
| "/etc/ssl/ca-bundle.pem", # OpenSUSE | |
| "/etc/pki/tls/cacert.pem", # OpenELEC | |
| "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", # CentOS/RHEL 7 | |
| ] |
abuxton
/ self-signed-certificate-with-custom-ca.md
Created
January 21, 2022 14:53
— forked from fntlnz/self-signed-certificate-with-custom-ca.md
Self Signed Certificate with Custom Root CA
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash +X | |
| # later we will disable selinux | |
| # sudo setenforce Permissive | |
| # getenforce # just incase youy want to check selinuxmode | |
| # lets make sure we are a clean install of docker | |
| sudo yum remove docker docker-common docker-selinux docker-engine-selinux docker-engine docker-ce | |
| # now install some tools dmpd(for short) ensures rhel 7 respects gpg settings in repos (issue is https://access.redhat.com/solutions/2850911) see https://access.redhat.com/discussions/5336741 for the fix | |
| sudo yum install -y yum-utils device-mapper-persistent-data lvm2 | |
| sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo |