Archive for category Server

How to check the expiration date of a ssl certificate?

To check a certificate of an host:

openssl s_client -servername your.domain -connect your.domain:443 2>&- | openssl x509 -enddate -noout | sed 's/^notAfter=//g'

To check a certificate file:

openssl x509 -noout -enddate -in your.crt | sed 's/^notAfter=//g'

 

Advertisements

,

Leave a comment

Apache failed on system boot, when binding to an additional IP

Starting point:

My system (Ubuntu 18.04.1) is a VPS running on KVM. The network with some additional IPs is configured with Netplan.

 

Problem:

The Apache server is running on an additional IP. If the VPS reboots, the apache didn’t start because, it couldn’t be bind on an aditional IP. A log entry like the following can be found:
apachectl[631]: (99)Cannot assign requested address: AH00072: make_sock: could not bind to address [xxxxxxxx]:80

But if you restart Apache after the reboot, it runs as expected!
Strange, isn’t it?

 

Solution:

Ok, I couldn’t find the exact reason of this reason. But I think, there is a strange timing issue on reboot. The network isn’t completely up before Apache is starting.

To solve the problem, just edited the section ‘Unit’ in the file /lib/systemd/system/apache2.service and replace

After=network.target remote-fs.target nss-lookup.target

with

Requires=network-online.target
After=network-online.target remote-fs.target nss-lookup.target

That’s it!

More information about the network-target can be found her: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/

, ,

Leave a comment

VPS boot overrides some configuration files

Problem: I bought a new VPS and did some configuration changes (e.g. hostname setting). I’ve installed some software and wanted to test if my settings are boot resistant. And every time the VPS was¬† booting the files /etc/hosts and /etc/hostname was overridden by the defaults of the provider.

Reason: Virtuozzo (the software which virtualises my VPS) overrides those files at every  time the VPS is booting.

Solution: Replacing the files /etc/hosts and /etc/hostname at boot-time.

The following description is applied for Ubuntu 14.04. Both replacements are implemented as upstart jobs.

/etc/hosts

Copy the /etc/hosts (e.g. /etc/hosts_my) and adapt it to your needs. Then create the file /etc/init/hosts.conf with the following content:

description "restore my hosts"
start on startup
exec cp /etc/hosts_my /etc/hosts

/etc/hostname

Copy the /etc/hostname (e.g. /etc/hostname_mod) and adapt it to your needs. Then edit the file /etc/init/hostname.conf and change the last exec command to:
exec hostname -b -F /etc/hostname_mod
 

That’s it!

, ,

Leave a comment