Hodžův blog

Translated humorously into Czech as Funkce zrušení nemohla zkontrolovat zrušení, protože server pro zrušení byl offline. If the issue is with the certification authority, the following registry modification will help you. In HKLM\System\CCS\Services\SSTPSvc\Parameters create a new DWORD (32-bit) named NoCertRevocationCheck with a value of 1.The provided solution should be implemented only for the necessary period!

After installing the October update (KB5018410), customers started reporting to us that they were unable to send mail from Outlook using SMTP TLS (port 587). The email client only displays the error message: 0x800CCC1A and postfix writes in the log: Oct 16 18:21:39 mail postfix/submission/smtpd[719912]: connect from my.private.ip.[xxx.xxx.xxx.xxx] Oct 16 18:21:39 mail postfix/submission/smtpd[719912]: SSL_accept error […]

With Greenbone Enterprise TRIAL, as well as Greenbone Community Edition (GCE), I ran into a problem where I could not log into the web interface after several tests. I just get a message: The Greenbone Vulnerability Manager service is not responding. This could be due to system maintenance. Please try again later, check the system […]

Dnes jsem zákazníkovi obnovoval certifikáty. Jelikož jsem generování a stažení certifikátů dělal z různých počítačů, chtěl jsem mít 100% jistotu, že soubory k sobě patří. S OpenSSL to lze naštěstí velmi snadno ověřit: # CSR $ openssl req -in domena.cz.csr -pubkey -noout -outform pem | sha256sum a9a2390ea6ea6a3d5a186b5ee137f89909f533031fab9e2010a8f2c237fb9b7e – # Certifikát $ openssl x509 -in domena.cz.crt […]

1. Forgot device from UniFi 2. SSH to UniFi AP (default credential ubnt/ubnt) ssh root@ip_of_unifi_ap 3. Upload latest firmware image from UniFi web site (https://www.ui.com/download/unifi/unifi-ap) cd /tmp wget https://dl.ubnt.com/unifi/firmware/BZ2/4.0.15.9872/BZ.ar7240.v4.0.15.9872.181229.0259.bin –no-check-certificate mv BZ.ar7240.v4.0.15.9872.181229.0259.bin fwupdate.bin 4. Run upgrade process syswrapper.sh upgrade2 & 5. Wait a moment & adopt device in controller

Edit Bind config file vi /etc/bind/named.conf.options … options { … dnssec-enable yes; dnssec-validation auto; … }; …

…aneb když zapomenete přihlašovací údaje. Hesla v remmině jsou zašifrována pomocí blokové šifry 3DES s 256bitovým (náhodně vygenerovaným) klíčem. Klíč lze nalézt (Kubuntu 18.04) v souboru ~/.config/remmina/remmina.pref (na řádce začínající slovem „secret=“). Jednotlivá zašifrovaná hesla pak jsou v souborech ~/.local/share/remmina/*.remmina (řádek začínající klíčovým slovem „password=“). K dešifrování poslouží tento krátký skript v Pythonu (nahraďte položky […]

Check Point configuration: IP address WAN: 1.2.3.4 IP address LAN: 192.168.1.0/24 Username: johndoe Password: mysecret Shared secret: 12345678 Mikrotik configuration: /interface l2tp-client add connect-to=1.2.3.4 disabled=no ipsec-secret=12345678 name=l2tp-checkpoint password=“mysecret“ use-ipsec=yes user=johndoe /ip ipsec proposal set [ find default=yes ] enc-algorithms=3des pfs-group=none /ip route add distance=1 dst-address=192.168.1.0/24 gateway=l2tp-checkpoint

Quick fix: echo „dn: cn=config changetype: modify replace: olcSizeLimit olcSizeLimit: 10000“ > olcSizeLimit.ldif ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSizeLimit.ldif

When installing a certificate on Apache web server, you might receive an error SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch during restart of Apache service. Most often, this error appears if you are using an incorrect private key along with the certificate you received from the Certificate Authority. In order for Apache to […]