Categories
Development System & Network

Bitlocker – mainboard exchange won’t require recovery password – why?

A mainboard died. It was exchanged for the same board type (same bios and config, as well, also a new CPU but of the same type). The hard drive is encrypted with bitlocker (on Win10 Pro v1903) and I use an fTPM (Intel PTT) + PIN. I had expected to need the recovery password after […]

Categories
Development System & Network

Convert mycert.cer root.cer and ca.cer into p12 file with openssl

I purchase a certificate to sign PDF from a supplier. They delivered 3 files: mycert.cer, ca.cer and root.cer. I need to create a p12 file from it. But i have no success doing this. I tried: openssl pkcs12 -export -in mycert.cer -nokeys -out finnal.p12 -certfile ca.cer -certfile root.cer It asks for a export password and […]

Categories
Development System & Network

Where to find symbol definitions for RFC protocol flow diagram?

I am reading RFC5077, and bumped into following diagram: ClientHello (empty SessionTicket extension)——–> ServerHello (empty SessionTicket extension) Certificate* ServerKeyExchange* CertificateRequest* <——– ServerHelloDone Certificate* ClientKeyExchange CertificateVerify* [ChangeCipherSpec] Finished ——–> NewSessionTicket [ChangeCipherSpec] <——– Finished Application Data <——-> Application Data I guess Certificate* means there can be one or more Certificate, and [ChangeCipherSpec] means it is optional. But […]

Categories
Development System & Network

How to analyse and fix fargate network problems?

I apologize in advance if this question might end up too broad. We’ve recently deployed an application to the AWS ECS cloud using fargate running at eu-central-1 (Frankfurt) and we noticed that outgoing web requests were taking a very long time, upwards of 60 seconds. Since it was a colleague who deployed the application and […]

Categories
Development PHP System & Network

Apache/PHP: Internal server error. Untraceable! How is that even possible?

I have a Nextcloud server running NextCloudPi (NCP) on a Raspberry Pi 3. NCP is Raspbian/Apache2/PHP/MariaDB stack so to speak. It’s run reliably for years. But recently my Nextcloud died! All it does on a page load is report: Internal Server Error The server encountered an internal error and was unable to complete your request. […]

Categories
Development System & Network

Cisco switch inter-vlan port

expertise my question is : i take 2 l2 switch(s1 and s2) 2960. s1 port 1 is an vlan 10 and s2 port 1 is an vlan 20 and both switch is connect through access mode via 24 port of s1 and s2, vlan for s1 24 port is 10 and s2 is 20 vlan. […]

Categories
Development Domain System & Network Windows

No Domain Controller found when joining a Windows 10 client to a OpenLDAP+Kerberos+SambaDC (SUSE 12SP4)

I’m afraid I need some help. I’ve setted up a OpenLDAP + Kerberos authentication server that works flawlessly in a Linux environment. Linux Clients join to it without any problem and I’m able to login with the users of LDAP using the Kerberos credentials. But I need help since I’m trying to join a Windows […]

Categories
Development Google System & Network

Google Cloud (GCP) Leaves Sensitive Logs Wide Open (Security Flaw)

GCP leaves logs open to WORLD for READ (644), which a terrible security default. I removed GCP rsyslog.d/21-cloud-init.conf file so the second file below should not even be created (data should go straight to syslog). But it is always created on boot even without the rsyslog configuration. So these files are being configured to output […]

Categories
Development System & Network

GCP startup-script error 403

I’m studying GCP. I want to use startup-script by using shell-scripts. I made two projects. One has a strage for saving shell-scripts. I want to use this scripts in the other project. I granted all-authenticaed-users or domain permissions to the scripts, but I cannot use this scripts. I check this command “sudo google_metadata_script_runner –script-type startup […]

Categories
Development System & Network

Master ipv4 CIDR configuration for private cluster in GCP

I’m trying to create a private cluster in GCP as per the steps mentioned here: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters As per this, the ipv4 address for the master node is set to 172.16.0.32/28. I have also seen that the same CIDR blocks are used in many other examples as well. Is there a restriction that only this particular […]