Denis Shirokov XJIOP
XJIOP
/ letsencrypt-jetty.sh
Created
February 16, 2020 13:03
— forked from xkr47/letsencrypt-jetty.sh
How to use Letsencrypt certificate & private key with Jetty
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # input: fullchain.pem and privkey.pem as generated by the "letsencrypt-auto" script when run with | |
| # the "auth" aka "certonly" subcommand | |
| # convert certificate chain + private key to the PKCS#12 file format | |
| openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem | |
| # convert PKCS#12 file into Java keystore format | |
| keytool -importkeystore -srckeystore keystore.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks | |
| # don't need the PKCS#12 file anymore |
XJIOP
/ CustomTrust.java
Created
February 17, 2020 14:57
— forked from reline/CustomTrust.java
Trusting self-signed certificates in Android using OkHttp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import okhttp3.*; | |
| import okio.Buffer; | |
| import javax.net.ssl.*; | |
| import java.io.IOException; | |
| import java.io.InputStream; | |
| import java.security.GeneralSecurityException; | |
| import java.security.KeyStore; | |
| import java.security.cert.Certificate; | |
| import java.security.cert.CertificateFactory; |
XJIOP
/ network-tuning.conf
Created
April 5, 2023 15:28
— forked from pensierinmusica/network-tuning.conf
Linux sysctl configuration file for NginX
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Place this file in "/etc/sysctl.d/network-tuning.conf" and | |
| ## run "sysctl -p" to have the kernel pick the new settings up | |
| # Avoid a smurf attack | |
| net.ipv4.icmp_echo_ignore_broadcasts = 1 | |
| # Turn on protection for bad icmp error messages | |
| net.ipv4.icmp_ignore_bogus_error_responses = 1 | |
| # Turn on syncookies for SYN flood attack protection |