Self Sign Cert

Self Sign Certificate on your private network like a NAS to encrypt administration logon

=====================

Error message: NET::ERR_CERT_AUTHORITY_INVALID


#1 Download and install OpenSSL on your root drive, like c:\OpenSSL


#2 Create New Self Sign Certificate, using configuration file 'openssl.cnf' below and command line like
openssl req -x509 -new -nodes -days 3650 -keyout nas2.key -out nas2.pem -config openssl.cnf

Of course, update these lines:

[ req_dn ]
countryName            = MyCountry
stateOrProvinceName    = MyDistrict
organizationName       = MyFirm
commonName             = MyDings

[alt_names]
DNS.1 = MyDings1
DNS.2 = MyDings2
DNS.3 = MyDings3
etc

#3 After Creating cert and key, import them to your certmgr


#4 Then import them to you NAS


#5 Still not working in browser. open an inPrivate/Inconito Window and go to your URL. Now it should work. Go back to your normal browser Window and try again!



Sample 'openssl.cnf'

######################################################
# OpenSSL config to generate a self-signed certificate
#
# Create certificate with:
# openssl req -x509 -new -nodes -days 3650 -keyout selfsigned.key -out selfsigned.pem -config openssl.cnf
#
# Remove the -nodes option if you want to secure your private key with a passphrase
#
######################################################
################ Req Section ################
# This is used by the `openssl req` command
# to create a certificate request and by the
# `openssl req -x509` command to create a
# self-signed certificate.
[ req ]
# The size of the keys in bits:
default_bits       = 2048

# The message digest for self-signing the certificate
# sha1 or sha256 for best compatability, although most
# OpenSSL digest algorithm can be used.
# md4,md5,mdc2,rmd160,sha1,sha256
default_md = sha256

# Don't prompt for the DN, use configured values instead
# This saves having to type in your DN each time.
prompt             = no
string_mask        = default
distinguished_name = req_dn
# Extensions added while singing with the `openssl req -x509` command
x509_extensions = x509_ext

[ req_dn ]
countryName            = NO
stateOrProvinceName    = MyDistrict
organizationName       = MyFirm
commonName             = MyDings

[ x509_ext ]
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always
# No basicConstraints extension is equal to CA:False
# basicConstraints      = critical, CA:False
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = MyDings1



But, can I not use Powershell?
Of course you can!
New-SelfSignedCertificate -DnsName "MyDings,MyDings1"


You can even use an IP-address in addition to DNS-name:

New-SelfSignedCertificate -TextExtension @("2.5.29.17={text}IPAddress=10.0.0.100&DNS=MyDings&DNS=MyDings1")

Top 5 Popis postis

Citrix FAQ

- as compiled by Shawn Bass ​Q: I'm new to Citrix, where do I get started on learning how to administer it and troubleshoot issues? A: To begin I'd recommend reading the Admin Guides that are available on Citrix's website. Here's a KB article that lists all of the Admin Guides: http://support.citrix.com/article/CTX107618 Citrix is also placing all documentation online now at Citrix eDocs: http://support.citrix.com/proddocs/index.jsp?lang=en I'd also recommend reading an overall instructional book on Citrix/Terminal Services such as the freely downloadable books from BrianMadden.com or Doug Brown's Methodology in a Box. Lastly I would recommend getting the Citrix Brief Troubleshooting Guide which is an excellent reference guide with admin related info across several of Citrix's products: http://support.citrix.com/article/CTX106727 Q: How can I teach my software developers to develop their software to be compatible with Terminal Services? A...
Read more »

How to Downgrade Windows Server 2012 R2 Datacenter to Windows Server 2012 R2 Standard?

Setup can only upgrade, not downgrade, so how is it possible? 1. Edit the registry to fool the Windows Setup to believe we are running on Windows Server 2012 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion EditionID=ServerStandard ProductName=Windows Server 2012 Standard 2. Run Setup, and you get the option to 'upgrade' to: Windows Server 2012 R2 Standard (Core) Windows Server 2012 R2 Standard(GUI) Windows Server 2012 R2 Datacenter (Core) Windows Server 2012 R2 datacenter (GUI) 3. Activate with Windows Server 2012 R2 Standard key slmgr /ipk xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Read more »

ÆØÅ?

Bilde
Hvordan skrive æøå i command line som kjører chcp 427? Hvis man kan endre til Lucida Fonts kan man velge chcp 1252 og skrive bokstavene æøå, men hva skal man gjøre hvis man ikke lett kan endre dette? Løsningen er å skrive inn disse tegnene med spesialtegn. Her ser du hvordan de ser ut i en Hex-editor: Her er en oppskrift på hvordan du lager en slik fil som inneholder disse karakterene. Åpne cmd Skriv inn echo og ett mellomrom Hold inne Alt-knappen, tast 145 og slipp Alt-tasten Hold inne Alt-knappen, tast 155 og slipp Alt-tasten Hold inne Alt-knappen, tast 134 og slipp Alt-tasten Hold inne Alt-knappen, tast 146 og slipp Alt-tasten Hold inne Alt-knappen, tast 157 og slipp Alt-tasten Hold inne Alt-knappen, tast 143 og slipp Alt-tasten Skriv til slutt på linjen karakteren > og et filnavn  Trykk enter Du har nå lagt en fil der æøåÆØÅ ligger inne i riktig format, som du kan klippe og lime inn i dine egne cmd-filer. Du kan også laste ned en ansi-tekstfil som inneholder disse tegnene. H...
Read more »