Search This Blog

Monday, May 22, 2017

Apply SSL Certificate via HAproxy


Hi Again,


Just thought to share, how a SSL certificate is applied to HAproxy LB

First we need to generate “pem” file which includes private key  from “pfx”. It promts for password

# openssl pkcs12 -in dummy.pfx -out dummy.pem  -nodes

Note: pem file which includes private key is important and not just pem file without private key content

Copy this "pem" file to a specific location, say like

# cp dummy.pem /etc/haproxy/ssl/

Configure SSL cert to Haproxy  - In the front end section

frontend www-https
    mode http
    option forwardfor
    option http-server-close
    bind 0.0.0.0:443 ssl crt /etc/haproxy/ssl/dummy.pem
    reqadd X-Forwarded-Proto:\ https
    default_backend web-backend

and Restart haproxy service

# service haproxy restart

Ola!!!!   When you access your application you must see something like this on the address bar J



Thursday, March 9, 2017

Centos - How to undo a package Installation - Yum 


Hi Friends,

Yesterday someone in my server, accidently updated libvirt packages while trying to install something else.

Puff !!!
All my VMs started failing on reboot
Identified that verions of libvirt and qemu does nt work anymore.

Ona  quick research learnt this

"YUM HISTORY UNDO <NUM>"

It is a life saver

I initially tried "yum downgrade" - but it usually failed in downgrading dependency.

So let me explain you the magic.


Step 1: Find the history

# yum history
Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
ID     | Login user               | Date and time    | Action(s)      | Altered
-------------------------------------------------------------------------------
     8 | root <root>              | 2011-10-03 14:40 | Install        |    1   
     7 | root <root>              | 2011-09-21 04:24 | Install        |    1 ##
     6 | root <root>              | 2011-09-21 04:23 | Install        |    1 ##
     5 | root <root>              | 2011-09-16 13:35 | Install        |    1   
     4 | root <root>              | 2011-09-16 13:33 | Erase          |    1   
     3 | root <root>              | 2011-09-14 14:36 | Install        |    1   
     2 | root <root>              | 2011-09-12 15:48 | I, U           |   80   
     1 | System <unset>           | 2011-09-12 14:57 | Install        | 1025  

Step 2: Revert the change

# yum history undo 8

Loaded plugins: product-id, refresh-packagekit, subscription-manager
Updating Red Hat repositories.
Undoing transaction 8, from Mon Oct  3 14:40:01 2011
    Install screen-4.0.3-16.el6.i686
Resolving Dependencies
--> Running transaction check
---> Package screen.i686 0:4.0.3-16.el6 will be erased
--> Finished Dependency Resolution

Dependencies Resolved
================================================================================
 Package          Arch       Version            Repository              Size
================================================================================
Removing:
 screen           i686       4.0.3-16.el6       @rhel-6-server-rpms     783 k

<snip>

Removed:
  screen.i686 0:4.0.3-16.el6
Complete!
Hope this helps someone. Ola ... have a great day