Category: Security

InfluxDB + Chronograf: Configuring Let’s Encrypt SSL

InfluxDB + Chronograf: Configuring Let’s Encrypt SSL

If you value security and want to use InfluxDB 1.x and Chronograf with trusted SSL certificates from LetsEncrypt, this post is for you!  This tutorial assumes you are running InfluxDB 1.x and Chronograf either in a LXC container or a traditional VM. If you are using Docker, the procedure would...

Using Wireguard with your Synology Docker Containers

Using Wireguard with your Synology Docker Containers

Do you own a Synology NAS with DSM 7.0 or 7.1 and run Docker containers? Would you like those containers to use a Wireguard VPN provider for increased privacy and security? If the answer is yes, then keep reading. In order to get Wireguard working for Docker containers on your Synology...

How-to: Adding SSH Keys to OPNsense

How-to: Adding SSH Keys to OPNsense

If you enable SSH access on your OPNsense firewall, for the best security you should use SSH keys and disable username/password logins. This blog post will guide you through the quick and easy process of creating SSH keys, installing them, and then configuring OPNsense to only allow SSH key logins....

How-To: Redirect hardcoded DNS to OPNsense

How-To: Redirect hardcoded DNS to OPNsense

In a previous post a while back I wrote how to capture outbound DNS queries with your Ubiquiti EdgeRouter and forward them to Pi-Hole. Now that I've transitioned to OPNsense + NextDNS (replacing my EdgeRouter and Pi-Hole), I wanted to post how to do the same thing in OPNsense. Why...

vSphere 7 – Certificates with VMCA as Subordinate

vSphere 7 – Certificates with VMCA as Subordinate

Over the years I've written a number of blog posts about replacing the SSL certificates for vSphere. Back in the day it was exceedingly difficult and was very error prone (think 5.x and 6.x). However, VMware has made great strides with vSphere 7 in how you manage certificates. Yippee!For enterprises...

Convert your Microsoft CA from RSASSA-PSS to sha256RSA

Convert your Microsoft CA from RSASSA-PSS to sha256RSA

During installation of trusted SSL certificates for a VMware vSphere 7.0 lab environment, I ran into the following error when I was trying to replace the certificates: ERROR certificate-manager 'lstool get-site-id' failed: 1 This error was logged on my VCSA, in the /storage/log/vmware/vmcad/certificate-manager.log file. Some searching found VMware KB71120, which...

Windows Server 2019 Two-Tier PKI CA Pt. 3

Windows Server 2019 Two-Tier PKI CA Pt. 3

Now that we have our offline Windows Server 2019 certificate authority configured in Part 1, and our online subordinate setup in Part 2, now we should setup auto-enrollment and secure the subordinate’s web certificate services with SSL.Auto-enrollment is where domain joined Windows computers are automatically issued a computer certificate. Services...

Page 1 of 3 1 2 3