In this blog we will setup the keycloak instance with ssl encryption.
A running keycloak instance,
NOTE: KEYCLOAK SETUP, follow the below mention links.
Note: If you don’t have third party certificates, then you can generate one , self signed certificates by following the below mentioned blog or you can simply use these openssl commands.
#Create self-signed certificate
openssl genrsa -out server.key 2048
openssl req -new -out server.csr -key server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
The process of accessing the INTERNAL server through a public server or local system is known as SSH TUNNELLING: REMOTE FORWARDING
These are some configurations that need to be changed on both the server and client-side.
On Server Side ( Internal VM ):
Change these variables in this file : FILE=/etc/ssh/sshd_config
2. Save it and run this command to restart your ssh service.
sudo systemctl restart ssh
3. RUN this command to create a ssh tunnel.
nohup ssh -nNv -R 8002:localhost:22 firstname.lastname@example.org &
Command breakup :
nohup, & : to run this process in background
For applications that runs inside of an intranet, a self-signed web certificate is not enough since it cannot be validated by against any CA (Certification Authority). For this we need to create our own root CA, installing it in each pc, and sign the web certificate with it.
Let’s see how can we achieve this:
Creating the Root CA:
Step 1. Create a root key:
openssl genrsa -des3 -out rootCA.key 4096
Step 2. Create and self sign a root certificate:
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt
Now,Install the root certificate in each of the…
Some ports generate an error (
ERR_UNSAFE_PORT) when browsing to them via Chrome (see this related question).
if you are getting the above mentioned error in your application/services, then try changing the port.
These are the list of restricted ports on chrome.
1, // tcpmux
7, // echo
9, // discard
11, // systat
13, // daytime
15, // netstat
17, // qotd
19, // chargen
20, // ftp data
In this blog, we will learn about how to setup a docker private registry and setup authentication as well through docker.
Run this Dockerfile to create your registry image and run it.
RUN mkdir -m 777 data auth
ENV REGISTRY_AUTH htpasswd
ENV REGISTRY_AUTH_HTPASSWD_REALM Registry
ENV REGISTRY_AUTH_HTPASSWD_PATH /auth/registry.password
RUN apk update && apk add apache2-utils
RUN cd auth && htpasswd -b -B -c registry.password admin admin
RUN htpasswd -b registry.password dev dev@dev
Command to build & run the registry image:
docker build -t local_registry .
docker run -p 5000:5000 -d -v /data:/data local_registry
Api’s to query the Docker images stored in the registry.
List all repositories (effectively images):
curl -X GET -u admin:admin https://myregistry:5000/v2/_catalog
List all tags for a repository:
curl -X GET admin:admin https://myregistry:5000/v2/ubuntu/tags/list
When you have expanded the disk for the VM, you need to go into the OS and expand the volume to encompass the new space. There are several methods for expanding a partition. This section covers connecting the VM using an RDP connection to expand the partition using DiskPart.
list volume. Make note of the volume you want to extend.
select volume <volumenumber>. This selects the volume volumenumber that you want to extend into contiguous, empty space on the same disk. Ex: select volume 1
extend [size=<size>]. This extends the selected volume by size in megabytes (MB).Ex: extend size=125000
Linux is an open source and most used operating system created in 1991 by Linus Torvalds. It is widely used in the software industry for developing and maintaining highly robust application. It offers security, privacy, task automation, system updates and it is developer friendly in nature. It has pre installed tools and binaries that helps in the various phases of SDLC.
It offers a free operating system. You do not have to spend hundreds of dollars to get the OS like Windows!
These are steps to change your http routes to https.
Step1. Go to this url and download the zip installer from here ( nginx: download ) and unzip it.
Step 2. Generate the certificate for your machine. Take reference from here.
Step 3. Copy your certsin your windows machine, if created from another machine and paste it on the nginx folder (root location).
Step 4. Update your ~/nginx/conf/nginx.conf file with this one. Replace localhost with your dns name and proxy_pass url with your local base url on which your application is working.
This post will describe an easy way to manage your Azure storage data through a simple tool that is available in Linux, MAC os, and Windows.
You can download the one according to your operating system through this URL.
After successful download, click to install
Accept the terms and click Install:
Most people often find it difficult to set up docker and configure it when running behind any proxy server, if you’re trying to run Docker without having direct access to the web you have to configure the docker daemon to use a proxy server. Without it, you won’t be able to pull or push any image.
The image above is for windows docker proxy settings and you will have the same settings with the Linux servers as well, with the steps mentioned below.
I see a lot of tutorials on the internet describing how to apply the proxy in the…