Testing SSL Chaining Issues

Recently I needed to debug an issue by testing SSL chaining issues My old standby tools (curl and openssl were not reporting any errors) The exception javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors Cause The cert from the keystore does not match the cert from . . . → Read More: Testing SSL Chaining Issues

nginx code igniter remove index.php prefix

Objective

Remove the index.php prefix from your nginx code igniter instance.

Assumptions In your main nginx conf file you define how php is called (unix socket or ip:port) You will replace foo.example.com with whatever your domain name is The proper logging path will be defined per your system as opposed to the location i have . . . → Read More: nginx code igniter remove index.php prefix

nginx redirect single url

Objective

Using nginx redirect single url

Example

ORIGINAL URL:

http://example.com/foo

REDIRECT TO:

http://example.com/bar nginx basic php location block example location / { try_files $uri $uri/ @mylocation; } location @mylocation { rewrite ^/foo(.*)$ /bar/ redirect; rewrite ^.*$ /index.php last; } nginx wordpress example location / { try_files $uri $uri/ @wordpress; } location @wordpress { rewrite ^/foo(.*)$ . . . → Read More: nginx redirect single url

linux remove blank lines from file

To remove blank lines from a file on a unix or linux computer try this:

# grep -v “^$” filename > newfilename

nginx logrotate script

nginx logrotate script

Create a new file at /etc/logrotate.d/nginx with contents: /var/log/nginx/*.log { daily missingok rotate 52 compress delaycompress notifempty create 640 root adm sharedscripts postrotate [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` endscript } Run Logrotate # /etc/cron.daily/logrotate

nginx ssl pfx

This article will explain what to do with nginx ssl pfx.

First get the pfx file to your server. In this example we will be using a directory called “ssl” off of the nginx root (where nginx.conf is located).

From within the ssl folder, export the certificate:

openssl pkcs12 -in star.yourdomain.com.pfx -nokeys -out star.yourdomain.com.pem

Export . . . → Read More: nginx ssl pfx

Install PHP APC with Nginx on Centos 6.2

Install PHP APC with Nginx on Centos 6.2

Install latest apc:

# pecl install apc-3.1.10

Move your old apc.ini to a safe location:

# mv /etc/php.d/apc.ini /etc/php.d/apc.ini.old

Create a new /etc/php.d/apc.ini (content below):

; Enable apc extension module extension = apc.so ; Options for the APC module version >= 3.1.3 ; See http://www.php.net/m…nfiguration.php ; This . . . → Read More: Install PHP APC with Nginx on Centos 6.2

nginx secure /user drupal

If you are not serving drupal out of a subdirectory use this config example:

location / { # This is cool because no php is touched for static content try_files $uri @rewrite; } location @rewrite { Some modules enforce no slash (/) at the end of the URL Else this rewrite block wouldn’t be needed . . . → Read More: nginx secure /user drupal

nginx php centos6 howto

Remove previous php installation

# yum remove php-cli php-common

Add the EPEL and REMI repos:

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

Install nginx prerequisites

# yum install perl pcre-devel gperftools-devel geoip geoip-devel

Download nginx

# wget “http://nginx.org/download/nginx-1.2.1.tar.gz”

Nginx configuration & installation:

# ./configure –prefix=/etc/nginx/ –sbin-path=/usr/sbin/nginx –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx.pid –lock-path=/var/run/nginx.lock –http-client-body-temp-path=/var/cache/nginx/client_temp –http-proxy-temp-path=/var/cache/nginx/proxy_temp . . . → Read More: nginx php centos6 howto