Use an SSL/TLS Certificate with ESET Security Management Center Appliance

ESET Security Management Center (ESMC) is the replacement for the ESET Remote Administrator (ERA) Server. You can install ESMC as a “virtual appliance” which will run on hosts such as VMWare or Linux/KVM/QEMU. Under the hood, this appliance is a CentOS 7 server running the Apache Tomcat web server. ESMC is implemented as a Java

Use an SSL/TLS Certificate with ESET Security Management Center Appliance Read More »

Alert Policies for Log Metrics on Google Stackdriver Monitoring

Google Cloud Operations, formerly known as Stackdriver Logging and Monitoring, can be very confusing to set up. It’s easy to monitor something simple, but more complex cases quickly get confusing. One of the more flexible but confusing types of alert policies in Stackdriver Monitoring is a Logs-Based Metrics policy, which gives you the ability to

Alert Policies for Log Metrics on Google Stackdriver Monitoring Read More »

How to use SSL/TLS certificates on a Netgear M4200/4300 switch

If you operate a Netgear switch in an environment that is subject to compliance requirements such as PCI or HIPAA, you are probably doing vulnerability scans, and the HTTP management interface of your switches will generate medium vulnerabilities (at least from Nessus): SSL Self-Signed Certificate SSL Certificate Cannot Be Trusted SSL Certificate Expiry It IS

How to use SSL/TLS certificates on a Netgear M4200/4300 switch Read More »

curl or libcurl: SSL certificate problem: unable to get local issuer certificate

curl, or an application that uses libcurl, may have a problem with an SSL certificate that works fine when using a web browser to access the same URL. Typical error output from curl looks like this: $ curl -v https://my-subdomain.mysecuresite.com Trying xxx.xxx.xxx.xxx:443… TCP_NODELAY set Connected to my-subdomain.mysecuresite.com (xxx.xxx.xxx.xxx) port 443 (#0) ALPN, offering h2 ALPN,

curl or libcurl: SSL certificate problem: unable to get local issuer certificate Read More »

openssl unable to read/load/import SSL private key from GoDaddy

openssl is the standard open-source, command-line tool for manipulating SSL/TLS certificates on Linux, MacOS, and other UNIX-like systems. I recently ran into an interesting problem using openssl to convert a private key obtained from GoDaddy. Someone else used GoDaddy’s “wizard” interface to generate a certificate signing request (CSR) and private key, and saved the files

openssl unable to read/load/import SSL private key from GoDaddy Read More »