Latest Server related questions

We have generated a certificate via Letsencrypt and trying to use it via nginx, but we get a weird error:

cannot load certificate "/home/path/site.pem": PEM_read_bio_X509_AUX() failed

The solution we found was to add a space infront of the certificate (notice the space infront of the cert) (also note that i have changed the content of the cert for security).

-----BEGIN CERTIFICATE-----
 MIIF8DCCB ...

We currently have 6 MSSQL (SQL2016 Enterprise) servers running on Windows server 2016. We are running windows failover cluster and always on availability.

Last weekend we had an issue with the failover cluster. The failover cluster server had to be restarted for everything to come back to normal. Still investigating what caused this.

So everything came back up and running normally. The issue we are  ...

“PKI infra will be built on domain “hgb.hs.int” which is internal and not routable over internet. So, the CRL URL would be http://crl.abc.int (accessible only from internal). “abc.co.uk” is the domain routable over internet, question is How can we publish the CRL over internet? Can we host and publish the CRL using http://crl.abc.co.uk in the DMZ vNet which can be accessed by both intranet a ...

I had installed windows 2019 server and windows 11 in clients. I had configured active directory . I hade created Organisational unit. Then applied Group policy in organisation units.

i have configured custom wallpaper policy. “User Configuration” -> “Policies” -> “Administrative Templates” -> “Desktop” -> “Desktop” -> “Desktop Wallpaper”

on first instance it d ...

I am trying to point my cname to my wildcard FQDN which has multiple A-Records.

Dig Output:

;; QUESTION SECTION:
;access.domain.intra.   IN      A

;; ANSWER SECTION:
access.domain.intra. 3600 IN    CNAME   *.sub.domain.intra.
*.sub.domain.intra. 3600 IN    A       192.168.1.1
*.sub.domain.intra. 3600 IN    A       192.168.1.2
*.sub.domain.intra. 3600 IN    A       192.168.1.3
*.sub.domain.intra. 3600 ...

I am trying to set up a site-to-site VPN connection between AWS and Cisco ASA, but the tunnel status is shown as "Down," and under the details section, the message is "IPSEC IS DOWN." Please find below the tunnel logs:

AWS tunnel is the IKE_SA initiator
AWS tunnel is sending request (id=0) for IKE_SA_INIT exchange
sending packet: from < tunnel ip> [UDP 500] to <CGW> [UDP 500] (304 bytes ...

I need to migrate a database that was managed by someone who left the company. The source server is MariaDB 1:10.5.5, the destination MariaDB 1:10.5.19.

The existing backup scripts use the following command:

mysqldump --max_allowed_packet=5120M -u root -p my_db > my_dump.sql

Both servers have the following settings In /etc/mysql/conf.d/mysqldump.cnf:

[mysqldump]
quick
quote-names
max_allowed_pa ...

I have a React app that is running on AWS S3, The website is served over HTTPS. This website has a page that plays live streams (hosted on other servers) via VideoJS. some stream links(M3U8) work only with HTTP thus resulting in mixed content policy error.

for a workaround, I want this page to be served without an SSL certificate but not sure how to do that. I tried adding a proxy in the package  ...

I have installed Windows Server 2019, Active Directory, and Windows 11 clients. I have created an Organizational Unit (OU). I then applied Group Policy in OU. Some of the restriction are working but others are not.

Some of the Group Policies are not displaying in the OU.

"Prohibit User Install" User Configuration>Policies>Administrative Templates>Windows Components>Windows Installer. i ...

I have an AKS cluster where I added a new node pool. While creating the node pool, I set the option "Enable public IP per node" as Disabled. However, I still notice that my nodes in the VMSS have a public IP. I am looking for a possible explanation of where does it come from?

Additional Info:

1. In the kubectl get nodes -o wide, I only see INTERNAL-IP and there's no EXTERNAL-IP.
2. When I try to make a c ...

I am currently in the process of moving an domain controller from one Server > Windows Server 2012R2 to Windows Server 2022.

I am currently working my way through the Active Directory Domain Services Configuration Wizard but an error has appeared.

Error

The WSMan Provider Host Process did not return a proper response.

I have looked online but I can't really see anything for this specific scenario.

I followed the onboarding instructions:

 curl -Ls https://download.newrelic.com/install/newrelic-cli/scripts/install.sh | bash && sudo  NEW_RELIC_API_KEY=xxxxxx NEW_RELIC_ACCOUNT_ID=3964531 /usr/local/bin/newrelic install

How do i uninstall it?

I can define custom scores for SpamAssasin, default one seems to be zero and it makes me wonder if i should raise it, but before doing so, where can i find detailed information on how these particular scores works in order to evaluate right score value to use?

I was searching a few sites like https://cwiki.apache.org/confluence/display/spamassassin/ for phrase "SPOOFED_FREEMAIL", to discover detail abo ...

We have an Apache Archiva server that we use as our main object repository for Maven. This server has been running for years already.

I have noticed that it still stores old version artifacts that are not in use anymore.

That means that I must do come manual cleanup of it to avoid having it consuming too much disk space.

I want to have the artifacts that have not been used in the last X months deleted  ...

I execute cat /etc/os-release in a container.

I have an Ubuntu 22.04 docker host. When I run a container, and see the linux os-release file inside the container, I see my Ubuntu name, regardless in which container I execute it...

However I also have an other Kubernetes cluster also on Ubuntu 22.04 (no docker, the cluster configured to use containerd directly). If I create a deployment based on an ...

I have about 300 server nodes using PXE boot process and with dhcp ip. Those 300 nodes communicate with a "central" server that is served as the PXE server and dhcp server. However those nodes sometimes may lose network connection (when a node loses network connection in my case, the mac address of the nic is still visible using ifconfig, but often the ip address just does not show up and ping the centr ...

The usage of NAT Gateway skyrocketed since last week. I was tasked to find the root cause of this since the AWS bill is considerably high now.

My first action was to ask people. No one is aware about any deployment that could cause this issue.

Then, I enabled the flow logs and used CloudWatch Insights to create a rank of the IPs that are hitting the NAT gateway ordered by the amount of data. There a ...

My server exposes two ssh ports: one for the server itself, and one for a git daemon (gitea).

My local ~/.ssh/config:

Host server
    hostname 1.2.3.4
    port 22
    user foo
    identityfile ~/.ssh/id_rsa_server
Host gitea
    hostname 1.2.3.4
    port 2222
    user git
    identityfile ~/.ssh/id_rsa_gitea

I can ssh into the server using $ ssh server.

But I cannot ssh or perform git operations using

In the last week Red Hat announced changes to source code access which is through to make is difficult (impossible?) for downstream rebuilds of RHEL to exist. Red Hat later clarified that that was their intention in making this change.

My concern is that "back in the day" that's exactly what Centos was, and all versions up to and including 7 were RHEL rebuilds (Stream 8 became something different, but th ...

I have a rather simple question, which I thought I knew the answer, but I'm stuck with it.

I have two linux boxes:

Server A :

• IP : 10.10.19.1/24
• Can contact 10.10.18.0/24 through an IPsec VPN (works fine)
• ip forwarding set to 1

Server B :

• IP : 10.10.19.55/24
• One route has been added to reach 10.10.18.0/24 : => 10.192.18.0/24 via 10.192.19.1 dev ens8

Some facts :

• Server B and Server A can ping ...

I have a python 3.9 Projekt that I want to deploy on a app engine. But when I create a new app engine with gcloud app create I get following error: ERROR: (gcloud.app.create) The project [aireview-390315] already contains an App Engine application. You can deploy your application using gcloud app deploy. When I use gcloud app deploy I get the same error. When I use gcloud app browse, I get following  ...

Im currently working with LDAPRecord library in a Laravel project. I want to use a pagination function but it's required having virtual list view (vlv) extension to my ldap server

, I dont quite know the steps to add it but from what i found , I created a ldif file in \etc\ldap\slapd.d\cn=config\cn=module{1}.ldif enter image description here then I use the ldapmodify commandenter image descriptio ...

What I need

A way to get an asc file containing the signature from an rpm file.

Why I need it

I'm running into the issue described in this Reddit thread, where Chrome installed from https://www.google.com/linuxrepositories/ can't have its signature validated because the version of rpm in CentOS 7 doesn't support validating against subkeys. One of the commenters suggested https://bugzilla.redhat.com/sh ...

A problem has cropped up on my network today and I'm rather confused. Firstly here's the setup of my network....

1. Internet traffic comes in via static ip.
2. Ubiquiti Dream Machine Pro forwards mail server ports to mail server VM (ports 25,465,587,143,993 all routed to mail server's internal IP Address)
3. Mail clients connect to mail server using domain name. Domain is set to static IP.

I have several  ...

I have a host that have two WAN interfaces connected to the two different ISP (lets say it is LTE modem and WiFi module). Each interface get it's IPv4 address, network and gateway using DHCP and almost always it is private IPv4 address.

The issue is that two ISPs can decide to give IPv4 address from same network (for example LTE modem will get 10.10.0.1/24 and WiFi module 10.10.0.2/24). Such conf ...

I have a reactjs app being served by a container running NGINX with following configuration:

server {
listen       ${NGINX_PORT};
access_log  /var/log/nginx/access.log  main;
location / {
    root   /usr/share/nginx/html;
    try_files $uri $uri/ /index.html?$args;        
}
}

Then I put a reverse proxy in front of it with the following configuration:

upstream internal {
    server X.X.X.X:3100;
 ...

I have a requirement to close a port without killing the process to test out a certain fallback scenario. I am using MacOS and I am unable to figure out how to do this, can someone please help?

I tried setting iptable rule using pfctl, but that did not work (Ref - https://superuser.com/questions/505128/deny-access-to-a-port-from-localhost-on-osx) : (sudo pfctl -sr 2>/dev/null; echo "block drop quick  ...

INTRO:

There's an IPIP tunnel (call it megatun0) to a machine connected to a private network. The megatun0 tunnel is bound with the address 192.168.15.1. One of the network interface on the machine remote machine has address 10.10.10.10.

PROBLEM:

ping -I megatun0 10.10.10.10 reports no ICMP echo replies received. Running strace ping -I megatun0 10.10.10.10 didn't show up anything interesting except that

I'm in the process of setting up a Ubuntu Desktop VM on a bare metal server using VMware vSphere. Once the development process is complete, I plan to transfer the VM to Microsoft Azure VM infrastructure for production using Veeam Backup & Replication. However, I'm uncertain about the best choice for the "Linux Journaling File System" and "Volume Manager" during the VM installation on VMware vSphere, ...

I have a build system set up which has 5 pcs and that has a total of 9 virtual machines using Hyper-V. I want to update this infrastructure and cut out the need for 5 physical pcs. Is there a way to host all 9 virtual machines on 1 pc or server so that I don't need all physical pcs. If there is a server I can do this on, what are good examples of this kind of server? I dont want to be limited to just 9 ...