https://www.youtube.com/watch?v=759AWWchIdE&feature=youtu.be
Super Easy RetroPie Gaming Install w/ 3000+ Games!!!
Reply
Category Archives: Howto
An easy way to generate a self-signed certificate online
You can generate a self-signed certificate online here:
http://www.selfsignedcertificate.com/
This will generate a two files – a certificate and a key.
If you are using IIS server you need to convert these to .pfx. For this you can use the SSL Converter here:
https://www.sslshopper.com/ssl-converter.html
IP Masquerading using iptables
http://billauer.co.il/ipmasq-html.html
The Beginner’s Guide to iptables, the Linux Firewall
https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
Tutorial: Installing OpenVPN on Ubuntu 16.04
https://blog.ssdnodes.com/blog/tutorial-installing-openvpn-on-ubuntu-16-04/
To configure iptables look here:
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
How to Configure OpenVPN Access Server to Tunnel Traffic
https://linode.com/docs/networking/vpn/configure-openvpn-access-server-to-tunnel-traffic/
Install OpenVPN Access Server on Linux for Secure Communications
https://linode.com/docs/networking/vpn/install-openvpn-access-server-on-linux/
How to Create Windows 10 System Recovery Partition
How To Use Crayon Syntax Highlighter Plugin
Client-side SSL
Client-side SSL
For excessively paranoid client authentication.
Using self-signed certificate.
Create a Certificate Authority root (which represents this server)
Organization & Common Name: Some human identifier for this server CA.
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
Create the Client Key and CSR
Organization & Common Name = Person name
openssl genrsa -des3 -out client.key 4096
openssl req -new -key client.key -out client.csr
# self-signed
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
Convert Client Key to PKCS
So that it may be installed in most browsers.
openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.p12
Convert Client Key to (combined) PEM
Combines client.crt and client.key into a single PEM file for programs using openssl.
openssl pkcs12 -in client.p12 -out client.pem -clcerts
Install Client Key on client device (OS or browser)
Use client.p12. Actual instructions vary.
Install CA cert on nginx
So that the Web server knows to ask for (and validate) a user’s Client Key against the internal CA certificate.
ssl_client_certificate /path/to/ca.crt;
ssl_verify_client optional; # or `on` if you require client key
Configure nginx to pass the authentication data to the backend application:
- Client Side Certificate Auth in Nginx, section “Passing to PHP.”
- SSL module documentation
Using CACert Keys
- Get client key from CACert
- Install client key in client device.
- Install CACert root certs in server and client device.
- Configure nginx, as above.
Original posting: https://gist.github.com/mtigas/952344#client-side-ssl