CSR Generation & Configuration

From Apoyar Wiki
Revision as of 13:06, 29 June 2021 by Admin (talk | contribs) (Created page with "CSR Generation (Bleckmann) --------------------------- CSR – Certificate Signing Request Browse https://returns.bleckmann.com/index.php/frontend click on padlock click...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

CSR Generation (Bleckmann)

CSR – Certificate Signing Request

Browse https://returns.bleckmann.com/index.php/frontend

click on padlock

click on certificate

Click on Details tab, under this click on subject

Copy all information under subject to notepad



Login to phobos.apoyar

Go to below path

• cd /home/neal/certs


Generate key using below command with proper key name

• openssl genrsa -out b2b.bleckmann.com.key 2048


Generate CSR with below command with appropriate information, which we have copied in notepad


• openssl req -new -key b2b.bleckmann.com.key -sha256 -nodes -subj '/C=BE/ST= Overijssel /L= Oldenzaal/O= Bleckmann Nederland B.V. STREET = Eekboerstraat 25 /OU=IT/CN= b2b.bleckmann.com /emailAddress=support2@apoyar.eu/subjectAltName=DNS.1= b2b.bleckmann.com, DNS.2= labelapp.bleckmann.com, DNS.3= carrierstatus.bleckmann.com ' > b2b.bleckmann.com.csr


After generating check CSR information using below command

• openssl req -in b2b.bleckmann.com.csr -noout –text


Configuring Certificate for Renewal


Login to nagios.apoyar


Copy b2b.bleckmann.com.key file to nagios from phobos.apoyar


• scp neal@phobos:/home/neal/b2b.bleckmann.com.key ./


Note:- If getting error while copying, need to change permission of that file on phobos.apoyar


• chmod 444 b2b.bleckmann.com.key


then copy same key file to returns server (bleckmann live)


• scp b2b.bleckmann.com.key returns@10.208.192.174:/home/returns/


After this move crt file from returns server to nagios and then to phobos using below commands


• scp returns@10.208.192.174:/home/returns/b2b.bleckmann.com.crt ./


• scp b2b.bleckmann.com.crt neal@phobos:/home/neal/



Login to phobos.apoyar


Now, we have crt, csr and key at /home/neal/certs/ on phobos.apoyar

Now go to

• cd /home/neal/certs/generated/bleckmann

move all three files here

• mv /home/neal/certs/b2b.blecmann.com* ./

and then remove key file from nagios

Now, login to returns server

Compare crt and key file with below command

• openssl x509 -noout -modulus -in b2b.blecmann.com.crt | openssl md5 && openssl rsa -noout -modulus -in b2b.blecmann.com.key


Now, move crt & key to below path

• mv b2b.blecmann.com.crt /etc/ssl/certs/

• mv b2b.blecmann.com.key /etc/ssl/private/


Note:- If getting error while moving either crt or key, check for owner and permission and change if needed with below commands


• chown root:root filename

• chmod 400 filename


Then go to

• Cd /etc/nginx/sites-available

Here, search for website configuration file with below command

• grep –rmv ‘/etc/nginx/sites-available/’ –e ‘b2b.bleckmann.com’

then edit that conf file

• vi b2b.conf

change crt and key file path in conf file

save and exit file

• :wq!

Note:- Repeat above steps of editing .conf file, if we have multiple domains

Then check for any errors with below command

• nginx –t

and then reload nginx (DON’T RESTART)

• systemctl reload nginx

At last, browse websites and verify those padlocks and certificate information







Email Sending from Magento

- We use SMTP with nagios account

- Office 365 use TLS not SSL


Login to server having issue in sending email and run below command

• cd /home/neal/sendemail/

• apt-get install libnet-ssleay-perl libio-socket-ssl-perl libnet-smtp-ssl-perl

Note:- sendemail folder is not available on server by default.. it will be at github (https://github.com/mogaal/sendemail)


Login to nagios.apoyar

• Cd /usr/local/etc/objects

• Vi commands.cfg

Check for to test at command line in commands.cfg file

Copy that command and run on server having issue in sending email, change email id in below command, mention the one which having issue

We can get that email id from magento, at below path

Store/configuration/general/store email

• ./sendEmail -o tls=yes -s smtp.office365.com:587 -xu nagios@apoyar.eu -xp Ap0yar4321 -t karolp@apoyar.eu -f nagios@apoyar.eu -u "** Subject **" -m "***** Nagios ***"

And at last, check with test mail.


Killing Processes on ZEB & PCR servers

Login to server

Check for service called magento with below command

• ps –aux | grep magento

Check for any java services with below command

• ps –aux | grep java

Once we run above commands, will get running services with Some ID’s

So, using that ID’s we can kill that processes, as below

• Kill ID e.g. kill 9423





After confirming that all db agent and machine agent are stopped, we need to manually start them, for that run below commands PCR:

• cd /opt/appdynamics/db-agent/ nohup java -Ddbagent.name=live-pcr -jar db-agent.jar &

• cd /opt/appdynamics/machine_agent nohup java -Dappdynamics.agent.maxMetrics=5000 -jar machineagent.jar &

Zeb:

• cd /opt/appdynamics/db-agent/ nohup java -jar db-agent.jar &

• cd /opt/appdynamics/machine_agent nohup java -Dappdynamics.agent.maxMetrics=5000 -jar machineagent.jar &

• cd /usr/local/bin/ nohup webm_encode.sh "/var/www/html/migration/pub/media/product_videos/live" & ... additional instances to be started if other paths need to be watched.

Retrieved from ‘https://wiki.apoyar.eu/index.php?title=CSR_Generation_%26_Configuration&oldid=179