View Mode: Normal | Article List

azure linux 内存 768M

[ 2015-04-08 20:23:32 | Author: zhenhua ]
����Ŵ�

key crt converter tomcat keystore

[ 2015-03-25 22:11:12 | Author: zhenhua ]
Quote
openssl pkcs12 -export -in mycert.crt -inkey mykey.key -out mycert.p12 -name tomcat -CAfile mycert.crt -caname root -chain

keytool -importkeystore -v -srckeystore mycert.p12 -srcstoretype pkcs12 -srcstorepass 123456 -destkeystore tomcat.keystore -deststoretype jks -deststorepass 123456

get an A+ on the Qualsys SSL Labs

[ 2015-03-12 13:31:14 | Author: zhenhua ]
For that you’ll need to do the following:

1 Don’t support older protocols. A lot of servers support really old and obsolete protocols. If you run a web app, your users will very likely not need support for these.
2 Don’t support flawed SSL ciphers. There’s a bunch of these and you can avoid using them. Browsers support multiple different ciphers, so this is not a problem.
3 Cache SSL sessions. This will improve performance.
4 Turn on HTTP Strict Transport Security (HSTS). This is a special ...

Read More...

[Hidden] [Hidden]

[ 2014-11-11 15:05:55 | Author: zhenhua ]
You don't have the permission to view this Article.

IIS 启用 TLS 1.2

[ 2014-10-25 17:47:18 | Author: zhenhua ]
进入 Windows PowerShell
Quote
# Enables TLS 1.2 on Windows Server 2008 R2 and Windows 7

# These keys do not exist so they need to be created prior to setting values.
md "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2"
md "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server"
md "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client"

# Enable TLS 1.2 for client and server SCHANNEL communications
...

Read More...

IIS 禁用SSL 3.0

[ 2014-10-25 16:47:03 | Author: zhenhua ]
Windows Server 2008 /2012中使用IIS 7 /8默认允许SSL 2.0和SSL 3.0。

请按以下禁用:

单击开始,单击运行,键入注册表编辑器,然后单击确定。
在注册表编辑器,找到以下注册表项/文件夹:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols

在SSL 2.0文件夹,右键单击并选择新建,然后单击密钥。命名新的文件夹服务器。
里面的服务器的文件夹,单击编辑菜单中,选择新建,然后单击DWORD(32-bit)值。
进入启用 作为名称并按下回车键。
请确保它显示00000000(0)的数据列下(它应该默认情况下)。如果没有,请右键单击并选择修改,输入0作为数值数据。
现在,禁用SSL 3.0,对SSL 3.0文件夹,右键单击并选择新建,然后单击密钥。命名新的文件夹服务器。
里面的服务器的文件夹,单击编辑菜单中,选择新建,然后单击DWORD(32-bit)值。
进入启用 作为名称并按下回车键。
请确保它显示00000000(0)的...

Read More...

Centos JDK 安装及环境变量设置

[ 2014-08-03 17:11:38 | Author: zhenhua ]
1. rpm -ivh jdk-7-linux-x64.rpm

2. vi + /etc/profile
增加:

JAVA_HOME=/usr/java/jdk1.7.0
JRE_HOME=/usr/java/jdk1.7.0/jre
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
export JAVA_HOME JRE_HOME PATH CLASSPATH

3.使修改生效

source /etc/profile //使修改立即生效
echo $PATH //查看PATH值

常用linux shell命令组合

[ 2014-07-27 23:13:42 | Author: zhenhua ]
任务  命令组合
1  删除0字节文件  find . -type f -size 0 -exec rm -rf {} \;
find . type f -size 0 -delete
2  查看进程,按内存从大到小排列  ps -e -o "%C : %p : %z : %a"|sort -k5 -nr
3  按cpu利用率从大到小排列  ps -e -o "%C : %p : %z : %a"|sort -nr
4  打印说cache里的URL  grep -r -a jpg /data/cache/* | strings | grep "http:" | awk -F'http:' '{print "http:"$2;}'
5  查看http的并发请求数及其TCP连接状态  netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
6  sed在这个文里Root的一行,匹配Root一行,将no替换成yes。  sed -i '/Root/s/no/yes/' /etc/ssh/sshd_config
7  如何杀掉mysql进程  ps ...

Read More...