Tuesday, May 31, 2011

Configure Apache with OpenSSL in SUSE

  1. Create a random data file
    cat /dev/random > randomfile

  2. Create key pair
    openssl genrsa -des3 -out server.key -rand randomfile

  3. Sign the created Public Key and create a digital certificate
    openssl req -new -x509 -key server.key -out server.crt
    Answer the questions posed and then copy the Public Key and digital certificate into appropriate directories:
    server.key --> /etc/apache2/ssl.key/
    server.crt --> /etc/apache2/ssl.crt/


  4. Configure Apache to use OpenSSL
    Edit the /etc/sysconfig/apache2 file
    APACHE_START_TIMEOUT="10" - the httpd start time out
    APACHE_SERVER_FLAGS="SSL"


  5. Configure the main site to use HTTPS
    Edit the /etc/apache2/default-server.conf file and add the following directives from the /etc/apache2/vhost.d/vhost-ssl.template file
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /etc/apache2/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/server.key


  6. Configure a Virtual Host to use HTTPS
    • Follow steps 1 to 3 to create the key and digital certificate
    • Edit the /etc/apaches2/vhost.d/.conf file
    • Change VirtualHost :80 to VirtualHost *:443
    • Append the ServerName directive with 443 e.g. vhost.mydomain.lan to vhost.mydomain.lan:443

Friday, May 27, 2011

How to upgrade openSUSE 11.4 to use GNOME 3

Just managed to get GNOME 3 running on my openSUSE 11.4 desktop. GNOME 3 is pretty and does need getting used to but so far I have been pretty happy with it on Fedora 15. I have an old Pentium D with 2GB of RAM and an ancient NVIDIA GeForce 7600GT. To upgrade to GNOME 3 you need to add the repo.

Adding the repo:
zypper ar -f obs://GNOME:STABLE:3.0/openSUSE_11.4 GNOME_STABLE_3.0

The do a distribution upgrade:
zypper dup

Before you reboot the system to enjoy the GNOME 3 goodness, install the gnome-shell and theme packages:
zypper in gnome-shell metatheme-adwaita-common

The GNOME tweak tool is a must to modify the GNOME 3 desktop:
zypper in gnome-tweak-tool

Enjoy!!

Tuesday, May 3, 2011

KVM on openSUSE 11.4

KVM hasn't been as popular as the XEN hypervisor on the SUSE/openSUSE platform. However, Red Hat has been instrumental in drumming up interest and support for KVM in the past couple of years. I still feel that XEN has a greater support (as in official support that is!) for "Enterprise" apps like SAP and such, but the inner geek in me is absolutely trembling with joy for KVM support since openSUSE 11.3 and in SLES/SLED 11 SP1.

For those who want to get KVM on openSUSE 11.4, have a look at the excellent article at http://howtoforge.com/virtualization-with-kvm-on-an-opensuse-11.4-server

Enjoy....now back to work....and happy hacking!!