Klunky Blog

Klunky Blog

  • Blog
  • Email
  • Feed
  • Log in

Pages

  • MacOS Finder - Make it show all of the files in the directory

Recent Posts

  • MacOS Finder - Make it show...
  • Previously, Logrotate was...
  • Pyramid Technology series...
  • Fighting typeset -r shell...
  • The Apt and I, disagree

Archive

  • December 2024
  • January 2024
  • November 2023
  • October 2023
  • September 2019
  • October 2016
  • March 2015
  • November 2014
  • June 2014
  • November 2013
  • May 2013
  • June 2012
Archive of 2019

October 2016

  • One liner OpenSSL...

    $ openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout hixxxxxxxx.onion.key -out hixxxxxxxx.onion.crt Stick it in your nginx configuration. SSL Stapling not required because it's self-signed. So, it's commented. ssl_certificate /etc/ssl/certs/hixxxxxxxx.onion.crt ; ssl_certificate_key /etc/ssl/private/hixxxxxxxx.onion.key ; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; ssl_ecdh_curve secp384r1; ssl_session_timeout 10m; ssl_session_tickets off; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /etc/blah/blah/blah.pem; resolver 127.0.0.1 8.8.8.8 valid=300s; resolver_timeout 2s; We're good to go.

    Permanent link to “One liner OpenSSL Self-Signed Certificate? Yes, please”
Archive of 2015
  • Blog
  • MacOS Finder - Make it show all of the files in the directory
  • Email
  • Feed
  • Archive
  • Log in
  • Menu