How to convert .CRT SSL Certificate to .PFX format (with openssl Linux command) and Import newly generated .PFX to Windows IIS Webserver

September 27th, 2016


1. Converting to .CRT to.PFX file format with OpenSSL tool on GNU / Linux to import in Windows (for example, IIS)

Assuming you have generated already a certificate using the openssl Linux command and you have issued the .CRT SSL Certificate issuer file
and you need to have the new .CRT SSL Certificate installed on Windows Server (lets say on Windows 2012) with IIS Webserver version 8.5, you will need a way to convert the .CRT file to .PFX, there is plenty of ways to do that including using online Web Site SSL Certificate converter or use a stand alone program on the Windows server or even use a simple perl / python / ruby script to do the conversion but anyways the best approach will be to convert the new .CRT file to IIS supported binary Certificate format .PFX on the same (Linux certificate issuer host where you have first generated the certificate issuer request .KEY (private key file used with third party certificate issuer such as Godaddy or Hostgator to receive the .CRT / PEM file).

Here is how to generate the .PFX file based on the .CRT file for an Internal SSL Certfiicate:


openssl pkcs12 -export -in server.crt -inkey server.key -out server.pfx

On the password prompt to appear use any password because otherwise the future IIS Webserver certificate import will not work.

To do a certificate chain SSL export to be accessed from the  internet.


openssl pkcs12 -export -in server.crt -inkey server.key -out server.pfx -certfile internet v2.crt

2. Import the PFX file in Windows

Run: mmc, add snap, Certificates, Computer account, Local Computer; in the

Certificates (Local Computer) > Personal > Certificates: Select All Tasks > Import File

Enter previously chosen password.
You should get further the Message "Import was successful."

You can import the PFX file by simply copying it to the server where you want it imported and double click it this will  open Windows Importwizzard.

Then select the IIS:


Site, Properties, Directory Security, Server Certificate, Replace the current certficate, select proper Certificate. Done.

Alternatively to complete the IIS Webserver certificate import within one step when a new certificate is to be imported:

In IIS Manager interface go to :

Site, Properties, Directory Security, Server Certificate, Server Certificate Wizard

Click on



import a certificate from a .pfx file, select and enter password.


3. Import the PFX file into a Java keystore

Another thing you might need if you have the IIS Webserver using a backend Java Virtual Machine on the same or a different Windows server is to import the newly generated .PFX file within the Java VM keystore.

To import with keytool command for Java 1.6 type:


keytool -importkeystore -deststorepass your_pass_here -destkeypass changeit -destkeystore keystore.jks -srckeystore server.pfx -srcstoretype PKCS12 -srcstorepass 1234 -srcalias 1 -destalias xyz

Also the .CRT file could be directly imported into the Java keystore


Import a .crt in a Java keystore

/usr/java/jre/bin/keytool -import -keystore /webdienste/java/jdk/jre/lib/security/cacerts -file certificate.crt -alias Some alias



4. Get a list of Windows locally installed certificates

To manager installed certificates on Windows 7 / 8 / 2012 Server OS is to run command via

Start -> Run





One other way to see the installed certificates on your Windows server is checking within

Internet Explorer

Go to Tools (Alt+X) → Internet Options → Content → Certificates.


To get a a complete list of installed Certificate Chain on Windows you can use PowerShell


Get-ChildItem -Recurse Cert:


That's all folks ! 🙂


Share this on

How to shutdown Windows after 1, 2, 3, 4 etc. X hours with a batch script – Shutdown / Reboot / Logoff Windows with a quick command

August 17th, 2016

I recently wondered how it is possible to shutdown Windows in some prior set time lets say in 30 minutes, 1 hour, 3 hours or 8 hours.

That's handy especially on servers that are being still in preparation install time and you have left some large files copy job (if you're migration files) from Old server environment to a new one
or if you just need to let your home WIndows PC shutdown to save electricity after some time (a very useful example is if you're downloading some 200GB of data which are being estimated to complete in 3 hours but you need to get out and be back home in 2 or 4 days and you don't want to bother connecting remotely to your PC with VNC or teamviewer then just scheduling the PC / server to shutdown in 3 hours with a simple is perfect solution to the task, here is how:

1. Open Command Prompt (E.g. Start menu -> Run and type CMD.EXE)

2. Type in command prompt


shutdown -s -t 10800


If you by mistake has typed it to shutdown earlier and suddenly you find out your PC needs to be running for a short more time in order to cancel the scheduled Shutdown type:


shutdown -a

Shutdown Windows command -s flag has also a possibiltiy to not shutdown but just logoff or if you just need to have the system rebooted a reboot option:

options    effect
-l         to log off
-r         to reboot

If you need to shutdown the PC after half an hour use instead the command:


shutdown -s -t 1800


Half an hour is 1800 seconds for one hour delayed shutdown use 3600 for 3 hours, that would be 3*3600 10800, for 5 hours 5*3600 = 18000 seconds and so on


An alternative way to do it with a short VBscript, here is an example:

Set objShell = CreateObject("WScript.Shell")

Dim Input
Input = "10:00"

'Input = InputBox("Enter the shutdown time here.","", "10:00")

For i = 1 to 2

CurrentTime = Time & VbCrLf

If Left(CurrentTime,5) = Input Then

objShell.Run "shutdown -s -t 00", 0
WScript.Quit 1


WScript.Sleep 1000

End If




Share this on

Enable TLS 1.2 Internet Explorer / Make TLS 1.1 and TLS 1.2 web sites work on IE howto

August 1st, 2016


Some corporate websites and web tools especially one in DMZ-ed internal corporation networks require an encryption of TLS 1.2 (Transport Layer of Security cryptographic protocol)   TLS 1.1 protocol   both of which are already insecure (prone to vulnerabilities).

Besides the TLS 1.2 browser requirements some corporate tool web interfaces like Firewall Opening request tools etc. are often are very limited in browser compitability and built to only work with certain versions of Microsoft Internet Explorer like leys say IE (Internet Explorer) 11.

TLS 1.2 is supported across IE 8, 9, 10 and 11, so sooner or later you might be forced to reconfigure your Internet Explorer to have enabled the disabled by OS install TLS 1.2 / 1.1.

For those unaware of what TLS (Transport Layer of Security) protocol is so to say the next generation encryption protocol after SSL (Secure Socket Layer) also both TLS and SSL terms are being inter-exchangably used when referring with encrypting traffic between point (host / device etc.) A and B by using a key and a specific cryptographic algorithm.
TLS is usually more used historically in Mail Servers, even though as I said some web tools are starting to use TLS as a substitute for the SSL certificate browser encryption or even in conjunction with it.
For those who want to dig a little bit further into What is TLS? – read on technet here.

I had to enable TLS on IE and I guess sooner others will need a way to enable TLS 1.2 on Internet Explorer, so here is how this is done:


    1. On the Internet Explorer Main Menu (press Alt + F to make menu field appear)
    Select Tools > Internet Options.

    2. In the Internet Options box, select the Advanced tab.

    3. In the Security category, uncheck Use SSL 3.0 (if necessery) and Check the ticks:

    Use TLS 1.0,
    Use TLS 1.1 and Use TLS 1.2 (if available).

    4. Click OK
     5. Finally Exit browser and start again IE.


Once browser is relaunched, the website URL that earlier used to be showing Internet Explorer cannot display the webpagre can't connect / missing website error message will start opening normally.

Note that TLS 1.2 and 1.1 is not supported in Mozilla Firefox older browser releases though it is supported properly in current latest FF releases >=4.2.

If you  have fresh new 4.2 Firefox browser and you want to make sure it is really supporting TLS 1.1 and TLS 1.2 encrpytion:


(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) If the security.tls.version.max preference is bolded and "user set" to a value other than 3, right-click > Reset the preference to restore the default value of 3

(4) If the security.tls.version.min preference is bolded and "user set" to a value other than 1, right-click > Reset the preference to restore the default value of 1

The values for these preferences mean:

1 => TLS 1.0 2 => TLS 1.1 3 => TLS 1.2

To get a more concrete and thorough information on the exact TLS / SSL cryptography cipher suits and protocol details supported by your browser check this link

N.B. ! TLS is by default disabled in many latest version browsers such as Opera, Safari etc.  in order to address the POODLE SSL / TLS cryptographic protocol vulnerability

Share this on

Windows 7 fix menu messed up cyrillic – How to fix cyrillic text in Windows

July 22nd, 2016


How to fix Cyrillic text on Windows 7

I've reinstalled my HP provided company work notebook with Windows 7 Enterprise x86 and had troubles with seeing Cyrillic written text, letters and fonts.
The result after installing some programs and selecting as a default language Bulgarian during installation setup prompt let me to see in some programs and in some of my old written text file names and Cyrillic WIN CP1251 content to be showing a cryptic letters like in above screenshot.

If you're being curious what is causing the broken encoding cyrillic text, it is the fact that in past a lot of cyrillic default encoding was written in KOI-8R and WIN-CP1251 encoding which is not unicode e.g. not compatible with the newer standard encoding for cyrillic UTF-8. Of course the authors of some old programs and documents are not really responsbie for the messed up cyrillic as noone expected that every Cyrillic text will be in UTF-8 in newer times.

Thanksfully there is a way to fix the unreadable / broken encoding cyrillic text by:

Going too menus:

Start menu -> Control Panel -> Change display language -> Clock, Language and Religion

Once there click the Administratibe tab

and choose

Change system locale.


Here if you're not logged in with administrator user you will be prompted for administrative privileges.


Being there choose your language (country) to be:

Bulgarian (Bulgaria) – if you're like me a Bulgarian or Russian (if you're Russian / Belarusian / Ukrainian) or someone from the countries of ex-USSR.
Click OK

And reboot (restart) your computer in order to make the new settings active.

This should be it from now on all cyrillic letters in all programs / documents and file names on your PC should visualize fine just as it was intended more or less by the cyrillic assumed creator Saint Climent Ohridski who was a  who reformed Cyrillic from Glagolic alphabet.

Share this on

July 14th, 2016


If you're using Mozilla Firefox browser to browse the Web with Traffic Tunneling via SSH Tunnel to your own Linux server like I do in order to prevent yourself traffic to be sniffed from your Work corporate computer (as most of the corporations such as IBM / Hewlett Packard / Concentrix etc. are forcing all employee PC traffic to be  to be transported via default set Windows Corporate Proxy active for all browsers.

Then you will certainly also want to prevent the DNS requests to be not logged somewhere in your Corporate IT department thus the question arises:

How to force DNS requests to be made through the Proxy server (SSH host)?

Nomatter where you're using Firefox browser with advanced proxying plugin such as FoxyProxy FF add-on or the default Proxy FF features the DNS lookups might end up in Corporate set DNS servers often forced for the computer / notebook and impossible to be changed to a custom ones as many of the Corporation internal Sharepoints and domains are only visible from their internal networks.

Thanksfully in newer versions there is an easy way to do it directly from Visual menus via:

Tools -> Options -> Advanced -> Network -> Settings

You will get a screen like below:


Just tick the Remote DNS and that will force Firefox to query remote Proxy server proxy DNS


If you happen to be running older Firefox which doesn't have the Remote DNS tick you can also try to set the setting manually:


  1. In firefox type this in your address bar:


  2. Click I'll be careful I  promise.

  3. In the filter textbox, type: proxy

  4. Find the preference name called *network.proxy.socks_remote_dns*. Double click it to set it to true.



Enjoy ! 🙂

Share this on

The feasts of healer saints Cosma and Damian and saint John of Rila holy relics return to Rila Monastery – An Orthodox Christian July Morning in Kavarna with Father Vasilij Selemet

July 9th, 2016


Saint Cosma and Damian Healer Saints Icon

As some who were in Bulgaria already know there is this new set metal / rock / underground feast called July Morning that started from years in Communism in Bulgaria but has a strong relation with pagan feasts being celebrated before Bulgarian inhabitans were baptized and Bulgaria become enlightened Christian land.

With recent serious attempt to resurrect all paganism under a new packaging through metal / rock / rap culture festivals and the rise of rebellion against the system by so many young peoplewhich started in America in the late 1960's by the Peace Anti-War / Hippy movement the tradition of rebellious and mixed head young people has quickly spread over all the lands which had a severe American Anglo-Saxon influence and after the fall of the communist-system and shortly before this influence born the so called July Morning a feast to receive the first Sun light on every 1st of July while camping near some of the beatiful Bulgairan beaches.

Young hippy / metal / rock / hardcore / techno people as well as other alternative people from all fields of undeground music and other sub-cultures from all places from Bulgaria and even abroad gather to have fun drink and enjoy the night and stay awake 'till early morning on 1st of July, then by tradition they play Uriah Heep's July Morning being inspired by the first Sun lights while others headoff themselves with inhuman quantities of alcohol, joint and other soft-drugs.

As Kavarna become over the last 5+ years, "The rock capital of Bulgaria" and a whole Europe famous metalheads destination the need for contra reaction from traditionally Eastern Orthodox Christian Bulgaria become so evident that one of the famous priests in eparchy of Varna – father Vasilij Salemet (A Besarabia Bulgarian Gagauz) who serves as a priest in Kavarna by God's great providence decided to start a new counterfeit tradition to give glory and prayer akathist to the double feast of ancient Christian healer twin saints Cosma and Damian (A.D. 287) known as Unmercenaries because of their refusal to accept any money for healing and The Transportation (Return) of Holy relics of the Greatest Bulgarian Saint John of Rila in 1195 from Tarnovo to Rila Monastery.


The Return of Holy Relics of saint John of Rila from Tarnovo to Rila Monastery icon

This too significant Christian feasts providently coincided with the Secular July Morning and this was a good reason for setting the Eastern Orthodox Christian litia procession "march" antiope to secular July morning is the fact that in Kavarna on the Chirakman peak cape nearby the sea is situated an enormous sized ancient Basilica which was in favour of st. Cosma and Daminos. The Christian july morning started 5 years ago by the initiative of father Vasilij's laity from the Church in honour of The Dormition of the Most Holy Virgin together laity from saint Nicolas Varna Church and people from Varna's Orthodox Christian enlightenment Center archangel Michael which btw is also famous for organizing the Week of the Eastern Orthodox Christian book and other events who aim to help people understand the Truth and Light of the Lord Jesus Christ teaching and his established Holy Church, the Holy Eastern Orthodox Church.

In the event by tradition also the famous in Varna father Vasilij Shagan was present and he give a short talk on the topic of Today's world disintegration and the importance of the teaching of the Lord Jesus Christ which called all for spiritual unity in faith of his Holy name through His established Church with his own blood on the Golgotha Cross.

A notable guests was  young people from Varna and Dobrich region, father Dimitrij who is priest in Moldovan Besarabia city of Bolgar as well as we had the blessing to have father archimandrite Konstantin an abbot of Patleina Great Preslav  / "Veliki Preslav" monastery which is either the most ancient monastery in Bulgaria or among the 3 most ancient established after the Baptismal (Christianization) of Bulgaria in 864 A.D

The host of the Orthodox Christian July morning event was father Vasilij who as always was very hospital and settled all the guests in the few Church rooms situated nearby the Church building on the second floor of a caffeteria building.

Akathist saint John of Rila July Morning Kavarna

Akathist to Saint John of Rila, the Klir singers back left

The whole prayer event started on 30 of June with an akathist to Saint John of Rila in order to honor also our great Bulgarian saint this year there was no vesper or a night vigil because the people were already too tired as some of the believers came in mid day on 30th and already went to Chirakmana (hill like) cape Basilica Saint Cosma and Damian in order to clean the remains of basilica foundations from the wild grass which was taking over the place because of the heavy rains this year.

Akathist to Saint John of Rila in Kavarna Church Dormition of Mother Mary

Akathist to Saint John of Rila 30 of June  2016 evening sideview to Alter Doors (Dveri)


After the akathist to Saint John of Rila there was a free dinner prepared by his wife presbitera (Matushka) Ekaterina and given by father Vasilij to all present borther and sister christians and father Vasilij Shagan give his 1.5 hour speach on the need of spiritual unity between Christians and through all through faith in our Risen Lord Jesus Christ, there was a lot of referrences to Bessarabia and their previous life in Besarabia and a short speeach by father Dimitrij from Bessarabia who as we understand used to be the inspirator for priesthood of both Father Vasilij Salement and Father Vasilij Shagan which in 1992 started their priest carrers as a humble seminary students in Sofia Spiritual Christian Seminary saint John of Rila.


Father Vasilij (Left) and Father Dimitrij (from Besarabia)

Dinner Room in Kavarna trapezaria after akathist to st John of Rila

The Fathers Vasilij, Konstantin, Vasilij, Dimitrij during the dinner

It is always a true blessing to meet other Christians as Jesus said and the joy of the shared dinner which consisted of bread, clams, caviar, mashed potatoes  a nice salad of tomatoes, pepper, cucumbers and onion.

After having the shared table and joy to meet new brothers and sisters from Dobrudja region a lot of people had the chance to have long talks with Borislav Avramov (Borko Avramov) who is a key person and lecturer in saint archangel Michael Orthodox Center and Church and a truly famous person among Varna Orthodox Christian Youth.

Starting the Lithia (Procession)

The procession – notice the unique beautiful nature

The procession climbing the way to the Roman Basilica

The first Sun lights on July Morning in Kavarna

The Sun rising over the Chirakman cape, first sun lights

Chirakman peak cape sideview from top to sea coast and the many electricity generators on the background

Chirakmana peak majestic view from top sea shore – notice the many green energy producer fins

The procession icon of St. Cosma and St. Damianos (right) and St. John of Rila (left) with the Holy Cross and Ripidions

Lighting up charcoal for censor (incsensory)

The Open Church Alter in Chirakmana akathist to saint Cosma and Damian

Fr. Veliko (left), fr. Konstantin, fr. Konstantin, fr. Dimitrij

Fr. archimandrite Konstantin reading prayers


Christians praying at the Majestic Basilica Remains

In the morning the procession started from The Dormition of the Virgin Mary Church the youngest were given icons of st. Cosma and Damian and were leading the procession and the rest of Christians were following some of which singing troparions of Saint John of Rila, The Most Holy Trinity, Troparion of saint Cosma and Damian, Trisvetoe (All Holy Thrice) hymn, O Theotokos Virgin (Bogorodice Devo), Dostoino Esty and other Church troparions.

During the Acathist to st. Cosma and Damian

We were pleasently surprised in the morning to find out that the priest from Holy Trinity Church from Dobrich father Veliko and his wife Conka with their 2 kids Mihaela and Andrea came for the akathist prayer to st. Cosma and Damian as well as our beloved brother Stelian and his girlfriend Marinela.

To reach Chirakmana cape the walk is downside about 40 minutes walk through a beautiful wild nature from both the right and left. The road has also a drinkable water for those who got too thirsty, once reaching near the sea there was another 25 minutes walk up to reach  Chirakmana cape peak  6th century ancient Basiiica of saint Cosma and Damian.


Father Vasilij reading the Gospel after the Acathist


The Basilica st. Cosma and st. Damian Alter

There were also people with cars so for those tired to walk the 40 minutes downside he can get near the seashore by car, I personally was too tired and we travelled with Galin and Andrea and their 3 children.


Father archimandrite Konstantin blessing with the sanctified water from the Acathist

This year there was no Holy Liturgy service in open space on the basilica location like they used to serve 4 years ago but fr. Vasilij promised to do his best to make it possible perhaps on next year to have the proper tent installed in order to protect the Antimens and Alter from the wind.

Common picture of everyone after the Acathist

We walked back the road from Chirakmana to near seashore and from their our friend Stelian took me and father Konstantin to drive us to the Church in other occasions I would have walked but since I was so tired from previous day, we travelled to Holy Dormition of Virgin Mary Church with Stelian's car after filling bottles with the mineral water spring situated on the road leading to the Church.

Once all come to the meeting point which was the dinner room we had a wonderful coffee, tea and a quick free breakfast generally given again by fr. Vasilij after which everyone who had a car travelled to Kaliakra Cape which is few kilometers drive way to venerate also the chapel in honour of saint Nicolas the Myrh-Bearer.

The overall experience and spiritual joy was great for everyone I expect the new pious tradition will continue for the next years to come. Everyone who wants is invited to visit and experience the truthfulness of the words of the savior of the Lord Jesus Christ who said:

"For where two or three are gathered together in my name, there am I in the midst of them." – Mathew 18:12

Let by the prayers of Saint Cosma and Damian and the Greastest Bulgarian Reverend desert father Saint John of Rila the All Holy Trinity have mercy on Bulgaria and all Orthodox Christian countires and All people living with faith.

Share this on

Preeminent Saint apostles Peter and Paul feast in the Holy Eastern Orthodox Church – June 29

July 1st, 2016


"With the Grace of God I am what I am" (Corinthians 15:10)

This year the Peter and Paul feast period in the Bulgarian Eastern Orthodox Church was just 3 days (27,28,29), because it is a movable feast and depends on the Great Lent's longitude

Saint Apostles Peter and Paul are named Preeminent because they have laboured the most in setting the basis for the Holy Christ Church.

Saint Apostle Peter together with his brother Andrew were the first which was called by the Lord Jesus Christ which was destined by the Great providence of God to become his desciples and apostles.

Saint Peter's distinguishing soul character was his pure heart and the soul simplicity. Always when the Savior asked questions from his desciples to illustrate them the greater spiritual truths of the Eternal Heavenly life and God's greatness shown through all creation and to reveal them the divine truths about the Holy Trinity it was saint Peter who answered first speaking from the name of all desciples.

That's how one time when Christ asked the pupils "Who do you think I am?", st. ap. Peter immediately answered:

"You're Christ, the Son of the Living God".
Then Jesus told him, "Blesssed are you Simon , son of Johna because no flesh and no blood has revealed this secret to you but my Father which is in heaven; and I tell you you're Peter (in Greek meaning stone), and on this stone I'll build my Church and the gates of hell would not prevail it." Mathew 16:14-18


This is the basis, this is the stone which the Lord used to establish his Church – the firmness of faith and the confession that Jesus is Christ (The Messiah), Son of the Living God. Since that moment apostle Peter started bearing also the name Simon-Peter.


By his age also saint apostle Peter was first among the apostles. After the Ascension of the Savior and the descent of the Holy Spirit over the Holy apostles he preached that firy sermon conquering the hearts and minds of the gathered many leading to the baptism of thousands.

He preached in many regions of the Roman Empire and many cities and wrote two letters which we find in today's Holy Bible, New Testament – First and Second Epistle of Peter also presented in the Roman Catholic and Protestant Bibles named Peter 1 and Peter 2.

Being in persecution, various griefs and sufferings, the primus in honor among apostles has restlessly preached the Gospel.
In 67 A.D. during the persecution against Christians in eperor Nero's time he was martyred.

His persecutors wanted to kill the apostle on the Cross because he was preaching the crucified Christ, but by his humble request to God for his
unworthiness to die with the same death as the Divine Saviour Lord Jesus Christ his executors decided to crucify him with the cross upside down where nowadays we know the inverted cross as a symbol of the holy apostle crucifix.
In later times the inverted upside-down cross started being paradoxically associated with antichrism and satanism but in reality few know that it is also a symbol left from ancient christian church.

Saint Apostle Paul before becoming the desciple and apostle of Christ was called Saulus. He was a very educated person for his time.
However even though his high education he was a soul blind and unenlightened person. He was initially a fierce persecutor of Christians and even requested by authorities to grant him a special task to persecute and kill all members of the new Roman empire "superstitio" as Christianity was called at that time.
On his way to Damascus a great miracle occured and he believed in the Risen Christ the Messiah (Saviour of the World)!

God blessed the repented persecutor with a glory. By a miraculous way the Lord Jesus Christ has appeared to him and he become from a fierest persecutor of Christians he become the most fervent preacher of the Saving Gospel and Love.
He travelled many cities and has enlightened many nations.
Often persecuted because of his preach and has been in chains was fought with sticks and received various tortures for the sake of Christ.
St. Paul wrote many apistles which are red for edification and example for perfect Christian life and dedication during Holy Liturgy to this very day in the Church and his epistle.

Finally in the same year 67 during emperor Nero after being convicted to be a Christian and an enemy of the pagan state not wanting to sacrifice to the Roman idol gods he received martyrdom being beheaded because he was a Roman citizen.

This are the short biographies of the two most glorious among the apostles. So what is the moral and the lesson by this two great saints?

What is the common between the two originally contradictious characters / persons?

The first – simple fisherman, quick in speech and fearful in action who first has confessed the Lord Jesus Christ to be truly God and shortly after his ignition he has denied his Master and Christ thrice.

The other an educated but cruel man a persecuter and killer of Christians.
These two very different man became the two central building blocks of the Church that has enlighted a whole meriad of nations and give them examle and tutoring them in the true way of salvation in the Holy Faith and Love.

By the Grace of God which always heals the sick and the frail, by these grace which unifies not only st. Peter and st. Paul but also all of us in the One Holy Catholic and Apostolic Church. In this Church and through this grace we vitalize and are saved.

Not because of our own merits, not because we've done something worthy but only and because of God's Grace as it is also said in the Holy Scriptures "By the Grace of God I am what I am" (1 Corinthians 15:10) says apostle Paul. Let us overcome pride – the mother of all sins.
Because pride is the reason not to give the owed to God's Grace and deceive ourselves that we with our own energies and powers have become what we're.

Everything we achieve by God's Grace but the condition to attain the Grace is to humile ourselves and hope on God's mercy, because God is an enemy of the proud and to the humile he sends his Grace.

Hence, let us live by the Laws of the Gospels, handed in by the Holy Apostles and let us leave completely ourselves to the power of God's Grace and Love, Now and Forever and Ever. Amen!

Translated (with translator cosmetic changes) from Bulgarian Orthodox Church – "Church Newsletter" nr. 26 – year 1995.

Share this on

Install and Run Multiple Tomcat and JAVA server instances on single Windows server Howto

June 17th, 2016

I've had a task at my work place to install Multiple Tomcat servers on Windows 2012 Server R2 the task seems trivial however I've faced few minor issues and the few searches in Google returned very few articles discussing the topic and this give me the idea that it might be helpful to others to come up with my own article as this might save time for those Linux guys who need to install Multiple Tomcat instances on the same Windows server without spending too much time to dig into the arcane winblows.

I stumbled on some issues during installation  thus took the time to systemize below shortly how I managed to run 2 Tomcat servers on One Windows 2012 R2 machine.

First thing to do is to obtain latest compiled Tomcat server archive from Tomcat's official download page here.

Latest Tomcat stable release as of time of writting this article is 7.0.69, so I've downloaded 64 Bit archive (as the server is running X64 Operating system) and unarchived it twice on the Install server under 2 separate directory locations under:








Copy of the 7.0.69 X86 tomcat zip archive is here and X64 bit tomcat 7.0.69 is here

Once the files are properly untarred I also needed to download also Java as the WAR application supposed to run on the Windows machine had as requirement Java JDK 8.

Downloading Java is a trivial task, however in my case the server used to be in DMZ (Demiliterized Zone) / Firewalled network and hence instead of using the default Java installer provided from Oracle website which is trying to download from Internet, I had instead to download and use the Offline current JAVA 8u91 version.
Just for sake of some convenience I've made a mirrored version of X86 JAVA 8 (8u91) is here and JAVA 8u91 X64 version here



JAVA JDK install is a trivial task just run the isntaller set the proper locations initially for JDK base folder in my case this was:




and later throughout during install, I was asked also to fill in full path location for JRE, in my case this was




It was a little bit surprising for me that JRE install path had to be entered and because I was not careful enough I had twice entered the same path for both JRE and JDK, i.e. entered on both prompts:




This caused issues and a messed Java install but I realized that after the 3rd re-install of Java when I decided to also read instead of by habit click Next / Next and Complete the install as used to be in the good old days of Windows XP and Windows 98 🙂

Once Java set up correctly I've tested it with:


C:\Users\georgi> java -version




It is also necessery to set properly following 2 JAVA command line environment variables:


On the logged in user Environment Variables with which Tomcat will be running on how to do that check my previous article how to add Environment Variables on Windows


Make sure you have the following 2 environment variables set upped:







For one time set (assuming Java is installed) under D:Javajre and D:Javajdk, you will need to type in command prompt:

set JAVA_HOME=D:\Java\jdk

set JRE_HOME=D:\Java\jre

Once assured Java is running fine I proceeded to run the Tomcat serevrs, in order to make them working it was necessery to change all coinciding Port names under:




because if there are coinciding ports (assuming that like me you're trying to run both Tomcat under the same IP address), the servers will fail to run because they're trying to bind under the same Port TCP addresses.

Assuming that the tomcat archive files are copied from .zip into D:TomcatTomcat_Instance-1 and D:TomcatTomcat_Instance-2 folders and you have in each of the 2 the following directory structure:


    /bin : This directory contains the startup and shutdown scripts for both Windows and Linux.
    /conf : This directory contains the main configuration files for Tomcat. The two most important are the server.xml and the global web.xml .
    /server : This directory contains the Tomcat Java Archive files.
    /lib : This directory contains Java Archive files that Tomcat is dependent upon.
    /logs : This directory contains Tomcat’s log files.
    /src : This directory contains the source code used by the Tomcat server. Once Tomcat is released, it will probably contain interfaces and abstract classes only.
    /webapps : All web applications are deployed in this directory; it contains the WAR file.
    /work : This is the directory in which Tomcat will place all servlets that are generated from JSPs. If you want to see exactly how a particular JSP is interpreted, look in this directory.


You will need to edit server.xml in both of the Tomcats and make sure the configuration for ports is not coinciding, i.e., I've changed the following configurations for Tomcat_Instance-2 installation:


    Connector Port : This is the port where Apache Tomcat listen for the HTTP requests. Default port is 8080, I've changed this to 8089 for second Tomcat server
    Shutdown Port : This port is used when we try to shutdown the Apache Tomcat Server. Default port is 8005 so changed that to 8006 in Tomcat_Instance-2
    AJP (Apache JServ Protocol) Connector Port : The Apache JServ Protocol (AJP) is a binary protocol that can conduct inbound requests from a web server through to an application server that sits behind the web server.
I've commented out the configuration for AJP completely and used for my custom needs the following server.xml configuration:

<Connector port="11111" address="" protocol="AJP/1.3" enableLookups="false"/>

    Redirect Port : Any redirection happening inside Apache Tomcat will happen through this port. In Apache TOMCAT there are two instance where redirect Port is mentioned. First one is for the Apache TOMCAT server and other one is for the AJP port. Default here is port 8443 so changed that one to to listen to 8444 instead.

Another thing necessery to do is to create setenv.bat file under both D:\TomcatTomcat_Instance-1\bin and D:\Tomcat\Tomcat_Instance-2\bin with following content:

set JRE_HOME=D:\java\jre
set JAVA_HOME=d:\java\jdk
exit /b 0


The quickest way to do it without bothering with Notepad text editor is by issuing:


cd tomcat\Tomcat_Instance1\bin
echo set JRE_HOME=D:\java\jre > setenv.bat
echo set JAVA_HOME=D:javajdk >> setenv.bat


cd tomcat\Tomcat_Instance2\bin
echo set JRE_HOME=D:\java\jre > setenv.bat
echo set JAVA_HOME=D:\java\jdk >> setenv.bat

The is a standard variables file read by Tomcat on Instance start up time

Next part of Tomcat installation is to install each of the 2 instances after defining CATALINA_BASE to point to first and second Tomcat instance directories, e.g open a Command Prompt (cmd.exe) and run there:


set CATALINA_BASE=D:\Tomcat\Tomcat_Instance-1

C:|> d:

D:|> cd Tomcat\Tomcat_Instance-1\bin


D:Tomcat\Tomcat_Instance-1\bin> service install Tomcat_Instance-1

You will get output like:


Using CATALINA_BASE:   " D:\Tomcat\Tomcat_Instance-1"
Using CATALINA_HOME:   " D:\Tomcat\Tomcat_Instance-1"
Using CATALINA_TMPDIR: " D:\TomcatTomcat_Instance-1\temp"
Using JRE_HOME:        "D:\java\jre"
Using CLASSPATH:       "D:\Tomcat\Tomcat_Instance-1\bin\bootstrap.jar; D:\Tomcat\Tomcat_Instance-1\bin\tomcat-juli.jar"


Then for the second Tomcat server instance run in command prompt:


set CATALINA_BASE=D:\Tomcat\Tomcat_Instance-2


cd Tomcat\Tomcat_Instance-2\bin
service install Tomcat_Instance-2

Using CATALINA_BASE:   " D:\Tomcat\Tomcat_Instance-2"
Using CATALINA_HOME:   " D:\Tomcat\Tomcat_Instance-2"
Using CATALINA_TMPDIR: " D:\Tomcat\Tomcat_Instance-2\temp"
Using JRE_HOME:        "D:\java\jre"
Using CLASSPATH:       "D:\Tomcat\Tomcat_Instance-1\bin\bootstrap.jar; D:\TomcatTomcat_Instance-2\bin\tomcat-juli.jar"


Here is all the service.bat batch file parameters:


D:\Tomcat\Tomcat_Instance-11\bin>service.bat /
Unknown parameter "/?"


Usage: service.bat install/remove [service_name] [/user username]

To test both Tomcat servers where they run simultaneously without issues, I run in 2 separate command prompts – opened (cmd.exe) two times and run in each of them:

What this little command does is uses Tomcat7.exe command to Add / Remove / Modify the Tomcat instance into Windows Services, the same can be happily done also with the good old
sc (service configure) windows command.



cd Tomcat\Tomcat_Instance-1\bin\startup.bat


cd Tomcat\Tomcat_Instance-2\bin\startup.bat

Both executed without errors in command line and to stop them I've pressed the usual CTRL+C.
To make sure once again both server instances ran wihtout errors, I've checked in D:TomcatTomcat_Instance-{1,2}logs/catalina*.log and in both of them all looked fine.
Another good check if you want to be 10000% sure Tomcat is running is to look up for Tomcat listening on above configured ports, for example run below in cmd:


D:Tomcat> netstat -a|findstr "8080"

I've also used the 2 following command to set up proper Services description for both of services:


D:\Tomcat\Tomcat_Instance-1\tomcat7 //US//Tomcat_Instance1 –Description="Apache Tomcat Server –"

D:\Tomcat\Instance_Instance-2\tomcat7 //US//Tomcat_Instance2 –Description="Apache Tomcat Server – "


A very helpful resource during the Apache (Windows Service) instance install / setup /modification that helped me is on Tomcat's official site here

N! B! Very important note to make here for anyone experiencing strange issues when trying to add multiple issues is below:

I've experienced some issues while trying to add the 2 Tomcat servers into Windows services initially with tomcat7.exe command like so:

Trying installing Tomcat71 service with cmd:

 tomcat7 //IS//Tomcat71 –DisplayName="Apache Tomcat 7" ^
     –Install="D:\Tomcat\Tomcat_Instance-1\bin\tomcat7.exe" –Jvm=auto ^
     –StartMode=jvm –StopMode=jvm ^
     –StartClass=org.apache.catalina.startup.Bootstrap –StartParams=start ^
     –StopClass=org.apache.catalina.startup.Bootstrap –StopParams=stop


And Tomcat72 instance with cmd:

 tomcat7 //IS//Tomcat71 –DisplayName="Apache Tomcat 7" ^
     –Install="D:\Tomcat\Tomcat_Instance-2\bin\tomcat7.exe" –Jvm=auto ^
     –StartMode=jvm –StopMode=jvm ^
     –StartClass=org.apache.catalina.startup.Bootstrap –StartParams=start ^
     –StopClass=org.apache.catalina.startup.Bootstrap –StopParams=stop


I've tried multiplet imes to Add and remove the Tomcat71 and Tomcat72 Windows service names (with) Tomcat DS (Delete Service)

tomcat7 //DS/Tomcat71
tomcat7 //DS/Tomcat72

And strangely the two instances were continuously crashing when I tried to start them (with Properties button and Start instruction) from Windows Task Manager (taskmgr.exe) -> Services

Finally I realized the issue is caused by some problems that somehow occured with Windows Service Names Tomcat71 and Tomcat72 by simply readding the two instances under another name the instances stopped crashing and all worked thanks to help of colleague Anatoliy who pointed me tot he problem by trying to install his own instances under a different service name).

Thanks God finally the 2 instances run fine !


Share this on

Install and make Apache + PHP to work with PosgreSQL database server on Debian Linux and set up server Web Posgre interface Pgpadmin howto

June 15th, 2016


In previous article I've wrote on how to install postgresql on Debian Linux using the deb repository this was necessery to import some PostGres DBs, however this was not enough to run the posgresql php based website aimed as connection from Apache / PHP module to PostGre was failing after a bit of investigation and a check in phpinfo(); I've realized the module PHP module for postgres was missing, here is what I did in order to install it:

debian:~# apt-get install php5-pgsql phppgadmin libapache2-mod-auth-pgsql 

PHP sessions enable configuration

As it is common a common problem with PHP applications written to use PostGres is to loose sessions and by default PHP does not have configured sessions.save_path it is a very good practice to directly enable it in /etc/php5/apache2/php.ini open the file in text editor:

debian:~# vim /etc/php5/apache2/php.ini

Find the commented directive line:

;session.save_path = “/tmp”

and uncomment it, i.e.:

session.save_path = “/tmp”

Quit saving vim with the usual :wq!

The 3 modules provides for PHP and for Apache2, the 3rd packae phpgadmin provides a Web administration interface for installed PostgreSQL servers Databases, for those experienced with MySQL Database its the same as PHPMyAdmin.


 Here is quick configuration for use of PostgreAdmin interface:

By default PHPPGADMIN installation process configure the Apache2 server' /etc/phppgadmin/apache.conf  to use  /etc/apache2/conf.d/phppgadmin

Here is the default my server package instaleld  file content:


Alias /phppgadmin /usr/share/phppgadmin

<Directory /usr/share/phppgadmin>

DirectoryIndex index.php
AllowOverride None

order deny,allow
deny from all
allow from ::1/128
# allow from all

<IfModule mod_php5.c>
  php_flag magic_quotes_gpc Off
  php_flag track_vars On
  #php_value include_path .
<IfModule !mod_php5.c>
  <IfModule mod_actions.c>
    <IfModule mod_cgi.c>
      AddType application/x-httpd-php .php
      Action application/x-httpd-php /cgi-bin/php
    <IfModule mod_cgid.c>
      AddType application/x-httpd-php .php
      Action application/x-httpd-php /cgi-bin/php


It is generally a good practice to change the default Alias location of phppgadmin, so edit the file and change it to something like:

Alias /phppostgresgadmin /usr/share/phppgadmin


  • Then phpPgAdmin is available at (only from localhost, however in my case I wanted to be able to access it also from other hosts so allowed PostgresGadmin from every hosts, to do so, I've commented in above config


# allow from ::1/128


and uncommented #allow from all line, e.g.:

allow from all

Also another thing here is in your VirtualHost whenever you plan to access the PHPPGADMIN is to include in config ( in my case this is the file /etc/apache2/sites-enabled/000-default before (</VirtualHost> end line) following Alias:

Alias /phpposgreadmin /usr/share/phppgadmin

Then to access PostGreSQL PHP Admin interface in Firefox / Chrome open URL:



Configure access to a remote PostgreSQL Server

With PhpPgAdmin, you can manage many PostgreSQL servers locally (on the localhost) or on remote hosts.

First, you have to make sure that the distant PostgreSQL server can handle your request, that you can connect to it. You can do this by modifying the /etc/postgresql/9.5/main/filepg_hba.conf and adding a line like:

# PhpPgAdmin server access host all db_admin xx.xx.xx.xx md5

Then, you need to add your distant PostgreSQL server into the config file for PhpPgAdmin. This file is  /etc/phppgadmin/ the default postgresql port is 5432, however you might have configured it already to use some different port if you're not sure about the port number the postgresql is listening check it out:


debian:~# grep -i port /etc/postgresql/*/main/postgresql.conf
etc/postgresql/9.5/main/postgresql.conf:port = 5433                # (change requires restart)
/etc/postgresql/9.5/main/postgresql.conf:                    # supported by the operating system:
/etc/postgresql/9.5/main/postgresql.conf:                    # supported by the operating system:
/etc/postgresql/9.5/main/postgresql.conf:# ERROR REPORTING AND LOGGING

To login to phppgadmin interface there is no root administrator user such as in PHP so you will need to priorly create some user and later use it for connection from Postgres Web interface.

To create from console new user in postgres:

debian:~# su – postgres
posgres@debian:~$ psql template1
posgres@debian:~$ psql -d template1 -U postgres


Welcome to psql 9.5, the PostgreSQL interactive terminal. Type: \copyright for distribution terms \h for help with SQL commands \? for help on internal slash commands \g or terminate with semicolon to execute query \q to quit template1=#

template1=# CREATE USER MyNewUser WITH PASSWORD 'myPassword';

To add a new database to postgres from shell:

template1=# CREATE DATABASE NewDatabase;

template1=# GRANT ALL PRIVILEGES ON DATABASE NewDatabase to MyNewUser;


template1=# q

Last command instructs it to quit if you want to get more info about possible commands do type instead of q ? for general help or for database / table commands only h
If you need to connect to NewDatabase just to test first it works in console before trying it from postgrepgadmin






posgres@debian:~$ psql -d NewDatabase -U MyNewUser





Share this on

Install postgresql on Debian Squeeze / How to install PostGreSQL on Obsolete Debian installation

June 10th, 2016


If you're in position like me to be running an old version of Debian (Squeeze) and you need to install PostgreSQL you will notice that the Debian 6.0 standard repositories are no longer active and apt-get update && apt-get upgrade are returning errors, thus because this Debian release is already too old and even the LTS repositories are inactive it is impossible to install postgresql with the usual.

To get around the situation first thing I did was to try to add followin Debian  repositories. to /etc/apt/sources.list

deb squeeze-backports-sloppy main
deb squeeze main contrib non-free
deb squeeze-lts main contrib non-free

After adding it I continued getting missing package errors while trying:

# apt-get update && apt-get install postgresql postgresql-client


E: Some index files failed to download. They have been ignored, or old ones used instead.

Thus I googled a bit and I found the following PostgreSQL instructions working Debian 7.0 Wheeze and decided to try it 1 in 1 just changing the repository package wheezy word with squeeze
in original tutorial postgre's deb repositories are:


deb wheezy-pgdg main

I've only changed that one with:


deb squeeze-pgdg main


I guess though this worked for Debian Squeeze installing current versions such as Debian 8.0 Jessis and newer wouldn't be a prolem if you just change the debian version keyword witht he distribution for which you need the postgresql package

Here is all the consequential steps I took to make the PostgreSQL 9.5 running on my old and unsupported Debian 6.0 Squeeze

Create /etc/apt/sources.list.d/pgdg.list. The distributions are called codename-pgdg. In the example, replace wheezy with the actual distribution you are using:

# vim /etc/apt/sources.list.d/pgdg.list


deb squeeze-pgdg main

debian:~# apt-get –yes install wget ca-certificates debian:~# wget –quiet -O – | sudo apt-key add – debian:~# apt-get update debian:~# apt-get upgrade debian:~# apt-get –yes install postgresql-9.5 pgadmin3

Next step is to connect to PostGreSQL and create database user and a database # su – postgres $ psql

Create a new database user and a database:

postgres=# CREATE USER mypguser WITH PASSWORD 'mypguserpass'; postgres=# CREATE DATABASE mypgdatabase OWNER mypguser;



# createuser mypguser #from regular shell # createdb -O mypguser mypgdatabase

Quit from the database

postgres=# q

Connect as user mypguser to new database

# su – mypguser $ psql mypgdatabase


# psql -d mypgdatabase -U mypguser

If you get errors like:

psql: FATAL: Ident authentication failed for user "mypguser"

edit pg_hba.conf in /etc/postgresql/9.5.Y/main/pg_hba.conf


local all all trust # replace ident or peer with trust

reload postgresql

/etc/init.d/postgresql reload …


To make sure that PostGreSQL is running on the system check the following processes are present on the server:




root@pcfreak:/var/www/images# ps axu|grep -i post postgres 9893 0.0 0.0 318696 16172 ? S 15:20 0:00 /usr/lib/postgresql/9.5/bin/postgres -D /var/lib/postgresql/9.5/main -c config_file=/etc/postgresql/9.5/main/postgresql.conf postgres 9895 0.0 0.0 318696 1768 ? Ss 15:20 0:00 postgres: checkpointer process postgres 9896 0.0 0.0 318696 2700 ? Ss 15:20 0:00 postgres: writer process postgres 9897 0.0 0.0 318696 1708 ? Ss 15:20 0:00 postgres: wal writer process postgres 9898 0.0 0.0 319132 2564 ? Ss 15:20 0:00 postgres: autovacuum launcher process postgres 9899 0.0 0.0 173680 1652 ? Ss 15:20 0:00 postgres: stats collector process root 14117 0.0 0.0 112404 924 pts/1 S+ 16:09 0:00 grep -i post



Well that's all folks now you will have the postgresql running on its default port 5433:


debian:/etc/postgresql/9.5/main# grep -i port postgresql.conf
port = 5433 # (change requires restart)
# supported by the operating system:
# supported by the operating system:
# ERROR REPORTING AND LOGGING # %r = remote host and port



Well that's it folks thanks The Lord Jesus Christ grace by the prayers of John The Baptist and Saint Sergij Radonezhki it works 🙂



Share this on