lwc:lamp_etc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
lwc:lamp_etc [2020/11/26 19:28] – created John Harrisonlwc:lamp_etc [2025/01/22 07:16] (current) John Harrison
Line 14: Line 14:
   * the certificate needs to be a pem file. To create a pem file: cat apache.crt apache.key > apache.pem   * the certificate needs to be a pem file. To create a pem file: cat apache.crt apache.key > apache.pem
  
-After installing server, add CONFIG proxy.config.ssl.max_record_size INT 4095 to records.conf as documented [[https://trafficserver.readthedocs.org/en/latest/admin-guide/files/records.config.en.html?highlight=record%20size#proxy-config-ssl-max-record-size|here]] and [[https://cwiki.apache.org/confluence/display/TS/What's+new+in+v4.2.x#What'snewinv4.2.x-ConfiguremaxTLSrecordsize|here]].\\+After installing server, add ''CONFIG proxy.config.ssl.max_record_size INT 4095'' to ''records.conf'' as documented [[https://trafficserver.readthedocs.org/en/latest/admin-guide/files/records.config.en.html?highlight=record%20size#proxy-config-ssl-max-record-size|here]] and [[https://cwiki.apache.org/confluence/display/TS/What's+new+in+v4.2.x#What'snewinv4.2.x-ConfiguremaxTLSrecordsize|here]].\\
  
   * note: as of 7-Nov-2015 it appears 4095 is too high. 1023 seems to be the number to use.   * note: as of 7-Nov-2015 it appears 4095 is too high. 1023 seems to be the number to use.
  
-test from a remote client with: openssl s_client -connect myhost:443 -debug +test from a remote client with: ''openssl s_client -connect myhost:443 -debug'' 
-look for errors on the server in /var/log/trafficserver/diags.log+look for errors on the server in ''/var/log/trafficserver/diags.log''
 ===== Disable compression ===== ===== Disable compression =====
  
Line 33: Line 33:
  
 if creating a new DB log into mysql, create the DB and give your user permissions to access it: if creating a new DB log into mysql, create the DB and give your user permissions to access it:
 +<code>
 mysql -u root -p mysql -u root -p
   * create database <DB name>;   * create database <DB name>;
Line 38: Line 39:
   * flush privileges;   * flush privileges;
   * quit;   * quit;
 +</code>
 now restore the DB: now restore the DB:
 +<code>
 mysql -u filimin_manager -p mysql -u filimin_manager -p
   * use <DB name>;   * use <DB name>;
   * source <filename>;   * source <filename>;
 +</code>
 +
 +===== Certbot/Letsencypt =====
 +  * add domains to existing certificate on nginx: ''certbot --nginx''
 +    * choose all the domains listed to renew existing domains and add the new ones
 +
 +===== tidbits =====
 +  * check dates of certificate: ''openssl s_client -connect ${SITE_URL}:${SITE_SSL_PORT} -servername ${SITE_URL} 2> /dev/null |  openssl x509 -noout  -dates''
  
  
  
  • lwc/lamp_etc.1606440536.txt.gz
  • Last modified: 2020/11/26 19:28
  • by John Harrison