User Tools

Site Tools


berkeleylug:digital_resources

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
berkeleylug:digital_resources [2019-03-09T13:18:17-0800]
michael_paoli update of DNS information (notably have it all now - also added temp.berkeleylug.com)
berkeleylug:digital_resources [2019-03-15T05:24:11-0700] (current)
michael_paoli more work on "local" hosting of [temp.]berkeleylug.com
Line 89: Line 89:
 *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG
  
 +########################################################################​
 +various bits to test on temp.berkeleylug.com - to presumably later be
 +berkeleylug.com
 Created key and obtained (non-Google) CA signed cert also covering: Created key and obtained (non-Google) CA signed cert also covering:
 *.berkeleylug.com,​berkeleylug.com,​*.berkeleylug.org,​berkeleylug.org expires: 2019-06-07T02:​07:​58Z *.berkeleylug.com,​berkeleylug.com,​*.berkeleylug.org,​berkeleylug.org expires: 2019-06-07T02:​07:​58Z
 +$ dig +noall +answer +nottl temp.berkeleylug.com. A temp.berkeleylug.com. AAAA
 +temp.berkeleylug.com. ​  ​IN ​     A       ​198.144.194.238
 +temp.berkeleylug.com. ​  ​IN ​     AAAA    2001:​470:​1f05:​19e::​4
 +$ </​dev/​null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:​25 2>>/​dev/​null | sed -ne '/​^-----BEGIN CERTIFICATE-----$/,/​^-----END CERTIFICATE-----$/​p'​ | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/​{N;​p;​q;​}'​
 +            Not After : May 22 11:41:24 2019 GMT
 +            X509v3 Subject Alternative Name:
 +                DNS:​*.balug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org
 +
 +... install the newer cert for SMTP (will likely end up needed for at
 +least postmaster@berkeleylug.com,​ for WordPress site to, e.g. send
 +user password resets, etc.
 +# pwd -P
 +/​etc/​exim4/​eximconfig/​config
 +# ls -ld tls_c*.pem
 +lrwxrwxrwx 1 root root 53 Sep 17  2017 tls_certificate_private.pem -> ../​../​../​letsencrypt/​live/​lists.balug.org/​privkey.pem
 +lrwxrwxrwx 1 root root 55 Sep 17  2017 tls_certificate_public.pem -> ../​../​../​letsencrypt/​live/​lists.balug.org/​fullchain.pem
 +# ln -sf ../​../​../​letsencrypt/​live/​berkeleylug.com/​privkey.pem tls_certificate_private.pem
 +# ln -sf ../​../​../​letsencrypt/​live/​berkeleylug.com/​fullchain.pem tls_certificate_public.pem
 +# ls -lLd tls_c*.pem
 +-r--r----- 1 root Debian-exim 3272 Mar  8 19:03 tls_certificate_private.pem
 +-r--r--r-- 1 root root        4033 Mar  8 19:08 tls_certificate_public.pem
 +# systemctl reload exim4.service
 +
 +$ </​dev/​null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:​25 2>>/​dev/​null | sed -ne '/​^-----BEGIN CERTIFICATE-----$/,/​^-----END CERTIFICATE-----$/​p'​ | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/​{N;​p;​q;​}'​
 +            Not After : Jun  7 02:07:58 2019 GMT
 +            X509v3 Subject Alternative Name:
 +                DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org
 +
 +
 +########################################################################​
  
 robots.txt: robots.txt:
berkeleylug/digital_resources.txt ยท Last modified: 2019-03-15T05:24:11-0700 by michael_paoli