Posts Tagged ‘parent’

Apache SSLCertificateChainFile adding SSL with Certificate Chain / What is Certificate Chain

Friday, January 31st, 2014

configure-apache-ssl-certificate-chain-ssl-certificate-keychain-each-signing-each-other

If you work in a big company with large network infrastructure who has to deal with SSL Certificates you will sooner or later will have to learn about existence of SSL Certificate Chains.
Its worthy thus to know what is SSL Certificate Chains and how such a chain is configured in Apache?

Personal SSL certificates (certificates issued to an individual or a company) can be used by clients to uniquely identify themselves when they are involved in starting an SSL connection.
SSL Certificate file contains X.509 certificate, which, in turn, contains a public key used for encryption.
Each personal certificate has zero or more certificate chains of certification authority certificates that extend back to the root certification authority.
 

Certificate R (Root Certification Authority)
|
| represents issuer of
V
Certificate I1 (Intermediate Certification Authority)
|
| represents issuer of
V
Certificate I2 (A subsidiary Intermediate Certification Authority)
|
| represents issuer of
V
Certificate I3 (A further subsidiary Intermediate Certification Authority)
|
| represents issuer of
V
Certificate P (A personal certificate that is used to identify its owner 
on an SSL handshake)

Certificate chains are used to verify the authenticity of each certificate in that chain, including the personal certificate. Each certificate in the chain is validated using its 'parent' certificate, which in turn is validated using the next certificate up the chain, and so on, from the personal certificate up to the root certification authority certificate.

Now after explaining thoroughfully what is SSL Certificate Chain, here is how to configure a SSL Certificate in Apache Webserver.

Open apache2.conf or httpd.conf (depending on GNU / Linux distribution) and add to it;

  SSLEngine On
   SSLCertificateFile conf/cert/webserver-host.crt
   SSLCertificateKeyFile conf/cert/webserver-host.key
   SSLCertificateChainFile conf/cert/internet-v4.crt
   # SSLCertificateChainFile conf/cert/intranet-v3.crt
   SSLOptions +StdEnvVars +OptRenegotiate +ExportCertData

SSLCertificateChainFile conf/cert/chain-cert.crt
loads a chain of separate Personal SSL certificates each signing each other on different levels, chain is leading to top ROOT CA (Certificate Authority).

How to Add sub-menus to Joomla main navigation buttons (Making dropdown menus) in Joomla

Tuesday, December 7th, 2010

I’m using a template youbizz just recently for a website. The website is already configured to use Joomla as a CMS.
This is a website related to the university so joomla was the perfect choice for a quick and easy to configure Content Management System

The youbizz template really makes difference and make the website layout look & feel quite a business looking.

However I needed a way to make my general configured menu buttons on the website to have a dropdown sub-menus in it

I even didn’t know if Joomla is supporting this, but by a chance I’ve made a submenu to the website Home buttom menu and thus I learned it how I can make submenus.

It actually appears creating the submenus to a menu in Joomla is a piece of cake, all you have to do in joomla administrator is go to to:

Menus -> Main Menu

From there you can configure as website buttons and link them to the ones already prepared in Article Manager

Just in case if you don’t know to add a buttons to a new joomla installation it’s necessary from admin to first go to:

Content -> Article Manager

Next press the New button (a green button with an image of a plus sign)

Thereon put a Title , Alias and in the input box put on everything you want this button pressed to show up in ur website.

Completing that simply press the Apply button and it should be done.
Next step to make the article appear in Menus -> Main Menu is to go this section and respectively from there use the green button with the plus sign to add up a new element to the main menu.

Right after you will have the Menu Item: [ New ] to appear it looks like in the pic below:

Joomla menu add new element screenshot

From the list of items to select you need to select the Article menu element. A submenu will appear in your browser to the Articles reading:

Article Layout
Article Submission Layout
etc.

From this menu you will have to select the Article Layout

The next screen to appear will look like the pic below:

Joomla main menu add new button through article, article layout

Here in article layout few things needs to be adjusted, again you will need to place the Title and the Alias, further after from the Parameters (Basic) located on the right you will have to select an article to link the new menu you’re just creating in Joomla’s new menu.
This is achieved via pressing the Select button located nearby the Select Article
Here it’s important to note the existence of Parent Item scrolldown field. This field will have all the created menu buttons in Main Menu . In case if this is the first one to create in main menu then it could be also empty.

The Parent Item field is really an important field and through it the menu’s submenus are created in Joomla.

For instance let’s say you want the current creating article to be listing as a sub-benu button to another already existing category, instead of listing as a separate button to the Joomla’s main menu navigation.

Well it’s pretty easy just choose from the Parent Item the name of an already existing menu button in Joomla main menu to be the parent of the sub-menu button you want to have.
That’s it now you will have the sub-menu button to appear as a drop down button (if of course your template supports dropdown menus).
There are few more options to choose in between which I found to be quite self explanatory, so I want explain them

But I hope I was able to explain at least the basics how menu subbuttons can be created in Joomla 1.5I find it a bit harder to explain in a bit plain way, but anyways if some of my dear readers is not understanding how to achieve the sub-menus I’m more than willing to help out further via the comments.

How to Prevent Server inaccessibility by using a secondary SSH Server access port

Monday, December 12th, 2011

One of the Debian servers’s SSH daemon suddenly become inaccessible today. While trying to ssh I experienced the following error:

$ ssh root@my-server.net -v
OpenSSH_5.8p1 Debian-2, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to mx.soccerfame.com [83.170.104.169] port 22.
debug1: Connection established.
debug1: identity file /home/hipo/.ssh/id_rsa type -1
debug1: identity file /home/hipo/.ssh/id_rsa-cert type -1
debug1: identity file /home/hipo/.ssh/id_dsa type -1
debug1: identity file /home/hipo/.ssh/id_dsa-cert type -1
...
Connection closed by remote host

Interestingly only the SSH server and sometimes the mail server was failing to respond and therefore any mean to access the server was lost. Anyways some of the services on the server for example Nginx continued working just fine.
Some time ago while still working for design.bgweb development company, I’ve experienced some similar errors with SSH servers, so I already had a clue, on a way to work around the issue and to secure myself against the situation to loose access to remote server because the secure shell daemon has broken up.

My work around is actually very simple, I run a secondary sshd (different sshd instance) listening on a different port number.

To do so I invoke the sshd daemon on port 2207 like so:

debian:~# /usr/sbin/sshd -p 2207
debian:~#

Besides that to ensure my sshd -p 2207 will be running on next boot I add:

/usr/sbin/sshd -p 2207

to /etc/rc.local (before the script end line exit 0 ). I do set the sshd -p 2207 to run via /etc/rc.local on purpose instead of directly adding a Port 2207 line in /etc/ssh/sshd_config. The reason, why I’m not using /etc/ssh/sshd_config is that I’m not sure if using the sshd config to set a secondary port does run the port under a different sshd parent. If using the config doesn’t run the separate ssh port under a different server parent this will mean that once the main parent hangs, the secondary port will become inaccessible as well.