Troubleshooting Ironport HTTPS Certificate Issues

Posted on February 11, 2015 · 2 mins reading time

SSL is great, except when you’re trying to audit access or filter things, let alone simple troubleshooting. Long story short, we run a Man In The Middle style system where our proxies are the HTTPS clients and they have an SSL certificate which all of our clients trust.

This relies on the proxies trusting the certificate chain, and these chains need to be updated periodically. Here’s an example of how to fix it when it goes wrong.

[Read More]

Lego Star Wars Advent Calendar 2014 Day 24

Posted on December 24, 2014 · 1 min reading time

Darth Santa

This is most definitely my favourite set of this year’s advent calendar! I hope you enjoyed the journey, I’ll be putting up a list of all the posts soon.

Have a merry Christmas!

[Read More]

Confluence draft-createpage.action on new page

Posted on December 22, 2014 · 1 min reading time

After I was making changes to my Confluence instance to enable SSL yesterday I was trying to document my work on our wiki.

When creating a page I’d click “Create” then select the template and set the title. Next, clicking create to start the new page action would start a download of a file called “draft-createpage.action

One of the steps of configuring SSL is to set the new base URL to include the HTTPS port. I’d done that, including the new port but hadn’t changed the http to https. Making that change fixed the problem instantly! 🙂

[Read More]

Confluence, SSL and a Windows CA

Posted on December 22, 2014 · 2 mins reading time

This documentation takes into account the extra steps required for installing a certificate and chain issued by a Windows CA when configuring Atlassian Confluence for SSL/HTTPS. This is basically a replacement for Step #1 in the aforementioned link.

In this example “$Confluence$>” is the Confluence install directory. I keep the .keystore file in this directory for my own tracking purposes.

  1. Create the CSR on the Confluence server $Confluence$>jre\bin\keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore .keystore

    [Read More]

Boot into the GUI after changing default user in raspbian

Posted on December 20, 2014 · 1 min reading time

As usual, when I go looking for something and it takes a while to find, I like to document it here as well. I found some information in this thread “Boot into the GUI after changing default user{.question-hyperlink}” in the Raspberry Pi StackExchange, but I had to modify it quite a lot (including the original post) to reflect the full changes required.

You can manually modify the raspi-config script as follows. Let’s presume we’re using the username “bob”.

[Read More]