For excessively paranoid client authentication.
Updated Apr 5 2019:
because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.
some other notes:
Matt Eldridge cphrmky
cphrmky
/ gist:cd83dc6e2e9e71305aa7150f6ffc97aa
Created
April 17, 2019 02:54
— forked from mtigas/gist:952344
Mini tutorial for configuring client-side SSL certificates.
cphrmky
/ self-signed-certificate-with-custom-ca.md
Created
April 17, 2019 02:53
— forked from fntlnz/self-signed-certificate-with-custom-ca.md
Self Signed Certificate with Custom Root CA
cphrmky
/ keybase.md
Created
March 13, 2019 19:08
I hereby claim:
- I am cphrmky on github.
- I am cphrmky (https://keybase.io/cphrmky) on keybase.
- I have a public key ASBl_oXe3joXyxrX74wlQDrvYbEOUSzTrp7tbCmCq2wRogo
To claim this, I am signing this object:
cphrmky
/ how-to.md
Created
February 5, 2019 00:43
— forked from reywood/how-to.md
How to get a stack trace from a stuck/hanging python script
Sometimes a python script will simply hang forever with no indication of where things went wrong. Perhaps it's polling a service that will never return a value that allows the program to move forward. Here's a way to see where the program is currently stuck.
Install gdb.
# Redhat, CentOS, etc
cphrmky
/ principessa.py
Created
January 31, 2019 22:59
— forked from raunakdoesdev/principessa.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sseclient import SSEClient | |
| import requests | |
| from queue import Queue | |
| import json | |
| import threading | |
| import socket | |
| class ClosableSSEClient(SSEClient): |
cphrmky
/ bucket-remover.py
Created
January 24, 2019 17:02
Use boto3 to remove all object versions from an S3 bucket so it can be deleted.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BUCKET = 'your-bucket-here' # protocol prefix like s3://your-bucket-here is not required | |
| import boto3 | |
| s3 = boto3.resource('s3') | |
| bucket = s3.Bucket(BUCKET) | |
| bucket.object_versions.delete() | |
| # if you want to delete the now-empty bucket as well, uncomment this line: | |
| #bucket.delete() |
cphrmky
/ makeJsonPretty.user.js
Created
December 27, 2018 16:07
— forked from JGaudette/makeJsonPretty.user.js
Greasemonkey Script to format JSON
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Make JSON Pretty | |
| // @version 0.1 | |
| // @description Make JSON look nice | |
| // @include *.json | |
| // @grant none | |
| // ==/UserScript== | |
| function prettySource(obj) { | |
| var maxDepth = 250, |
cphrmky
/ pki-setup.sh
Created
December 14, 2018 19:17
— forked from chrishoffman/pki-setup.sh
Vault Multi-Level CA Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| vault mount pki | |
| vault mount -path=pki1 pki | |
| vault mount -path=pki2 pki | |
| vault mount -path=pki3 pki | |
| vault mount-tune -max-lease-ttl=87600h pki | |
| vault mount-tune -max-lease-ttl=87600h pki1 | |
| vault mount-tune -max-lease-ttl=87600h pki2 | |
| vault mount-tune -max-lease-ttl=87600h pki3 | |
| vault write pki/root/generate/internal common_name="Vault Testing Root Authority" ttl=87600h |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { "_id" : "01001", "city" : "AGAWAM", "loc" : [ -72.622739, 42.070206 ], "pop" : 15338, "state" : "MA" }, | |
| { "_id" : "01002", "city" : "CUSHMAN", "loc" : [ -72.51564999999999, 42.377017 ], "pop" : 36963, "state" : "MA" }, | |
| { "_id" : "01005", "city" : "BARRE", "loc" : [ -72.10835400000001, 42.409698 ], "pop" : 4546, "state" : "MA" }, | |
| { "_id" : "01007", "city" : "BELCHERTOWN", "loc" : [ -72.41095300000001, 42.275103 ], "pop" : 10579, "state" : "MA" }, | |
| { "_id" : "01008", "city" : "BLANDFORD", "loc" : [ -72.936114, 42.182949 ], "pop" : 1240, "state" : "MA" }, | |
| { "_id" : "01010", "city" : "BRIMFIELD", "loc" : [ -72.188455, 42.116543 ], "pop" : 3706, "state" : "MA" }, | |
| { "_id" : "01011", "city" : "CHESTER", "loc" : [ -72.988761, 42.279421 ], "pop" : 1688, "state" : "MA" }, | |
| { "_id" : "01012", "city" : "CHESTERFIELD", "loc" : [ -72.833309, 42.38167 ], "pop" : 177, "state" : "MA" }, | |
| { "_id" : "01013", "city" : "CHICOPEE", "loc" : [ -72.607962, 42.162046 ], "pop" : 23396, "state" : "MA" }, |
cphrmky
/ Create CA and chained certificate
Created
August 28, 2018 19:02
— forked from DustinD2/Create CA and chained certificate
This script creates a CA using openssl on a mac. Creates a client certificate and signs it with the CA. Then creates the server certificate for the client.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #This script creates a ca and signs a client key and configures | |
| # the database. | |
| #Configure the Root CA | |
| mkdir ca | |
| cd ca | |
| mkdir certs crl newcerts private | |
| echo "01" > serial |
NewerOlder