OpenSSL installation on microsoft windows server 2016

1) Download OpenSSL from
2) runs cmd under Administrator
3) cd to the C:\Path-openSSL-installation folder
4) set OPPENSSL_CONF=C:\OpenSSL\bin\openssl.conf (the path should be set without the quotes “”) – this files contains the config settings for the crs
5) generate a new private key and a crs request for the Certificate Authority
openssl req -new -nodes -keyout hostname.2016.key -out hostname.2016-server.csr -newkey rsa:2048
6) check the csr that was generated at CSR check
7) Submit the csr to the CA and get the certificate in order to copy to the server
8) convert to pem openssl pkcs7 -inform DER -outform PEM -in certificate.p7b -print_certs -out hostname.2016.cert.chain.pem
or openssl x509 -in mycert.crt -out mycert.pem -outform PEM
9) copy file to the apache, nginx, stunnel appropriate folders and adjust the config file of the web server
ex: apache

DocumentRoot /var/www/html2
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt

10) restart the webserver

Posted in Windows Server | Leave a comment

How artificall intelligence will replace human knowledge

Service desk and It demandes will be replaced by human intelligence robotically optimized (hiro product)

Posted in Artifical Intelligence | Leave a comment

How to backup & update Drupal using command line

  1. backup core files:
    tar vcfz backup/pre-dup-update-7xx.tar.gz

tar -czvf name-of-archive.tar.gz /path/to/directory-or-file

  1. backup drupal database (Mysql)
    mysqldump -uusername -p databasename > backup/folder/file.sql
  2. backup drupal database (Mysql)
    mysqldump -uusername -p databasename > backup/folder/file.sql
  3. backup drupal database (Mysql)
Posted in CMS, Drupal | Leave a comment

The most security risks on the web

1) Sql injection

– Try to simulate sql injection with very known tool HaviJ

2) Transport Layer attacks (http/https)

– Typically Man in the middle attack that sniffs the no secured traffic by injecting   javascript  keylogger on the webpage specially in login page.
Cookies are source of this kind of attacks too.

3) Insecure password storage

– Password are stored either in plain text either encrypted or cryptographically hashed mode (one way process)
Password storage on the DB has to be always hashed with the right algorithm rather that just encrypted them and enforce a strong password policy
Try hashcat combined with password dictionary downloaded on sites such as  “”

4) Cross Site Scripting (XSS)

– Technique of distributing a link with xss payload , victims follows the link , page  returned to browser (reflected) and victim’s data sent to attacker
– Encode correctly HTML / HTML attributes/ CSS / JavaScript
– Protect the cookies not to be accessible by client script

5) Weak Account Management

– Poor password tools, lack to brute force protection, remember password option of web browsers, password change mechanism, account enumeration list ( the page answer to a request to confirm or not the existence of an account on the system).

Posted in Uncategorized | Leave a comment

Free fonts from google

Google offers a solution for pic’s fonts called  noto download link

Posted in Uncategorized | Leave a comment

What is gartner saying about trends in the last 10 years

Loooking from the Gartner point of view trends











Posted in Uncategorized | Leave a comment

.NET 3.5 installation error 80244022

Error Code 0x80244022 le trying to install .Net Framework 3.5 in Windows 10 version

Error Code 0x80244022 while trying to install .Net Framework 3.5 in Windows 10 version


  1. gpedit.msc in RUN. It’ll open Group Policy Editor.
  2. Go to : Computer Configuration -> Administrative Templates -> System
  3. Under Specify settings for optional component installation and component repair,  option set to Enabled and select Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS) option  as shown in the picture

Specify settings for optional component installation and component

Posted in Windows 10 | Leave a comment

Radia Perlman penned this poem while she developed Spanning Tree

Posted in Network | Leave a comment

SSL Apache configuration under *Nix distribution

In this case you will deal with 3 types of files :

*.csr => file contains the CSR code that you need to submit to the authority that will issue the certificate . During certificate activation specially for wildcard please define  under Common Name (eg, your name or your server’s hostname) []:*.domain.tdl
*.key => file is the Private Key which is generated during the request of the crs file. This key will be used for decryption during communication between Client and Server (please keep safe you private key and never make it public)
*.crt => The authority that is issuing the certificate will send you different files such as ServerCA, TrustedCA, CARoot etc. This is you certificate and is used for validation. This can be bundle in one file if needed or can be downloaded from the registrar.
Hashing algorithm SH1 is obsolete and SHA-2  up to 2048 is strongly recommend.
3 steps to install the certificate:

  1. Generate a CSR run the command below in terminal: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
  2. Submit the request  (contet of server.csr genreated at step 1)to the issuer of the certificate
  3. Once the code you need to edit the Appache Virtual Host files as follows

Fedora/CentOS/RHEL: /etc/httpd/conf/httpd.conf

Debian and Debian based: /etc/apache2/apache2.conf


Listen 443

<VirtualHost _default_:443>

DocumentRoot “/var/www”

ServerName *your_domain_name*

SSLEngine on

SSLCertificateFile “/ssl/*your_domain_name*.crt”

SSLCertificateKeyFile “/ssl/*your_private_key*.key”

SSLCACertificateFile “/ssl/bundle.crt”



Posted in Uncategorized | Leave a comment

Nginx configuration files

The way nginx and its modules work is determined in the configuration file. By default, the configuration file is named nginx.conf and placed in the directory /usr/local/nginx/conf, /etc/nginx, or /usr/local/etc/nginx.

Strucuture of files and thier extention are prensented like this ( attention, private key shouldn’t be copy on any other certificate )

my certificate: mydomain.crt
intermediate certificate: AuthorityIssuer.pem

my private key : mydomain.key
and signing request: mydomain.csr

SSL configurations to come


Posted in Apache, Ngninx, WebServers | Leave a comment