https://gist.github.com/dasgoll/5c7c02f363e7aeaff2837d650d985cc7
EX: *.ccdd.com
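openssl req -subj "/C=cd/CN=*.ccdd.com" -x509 -nodes -days 365 -newkey rsa:2048 -keyout ccdd-wildcard-selfsigned.key -out ccdd-wildcard-selfsigned.crt
Note: -nodes writes the private key unencrypted, so restrict read access to the .key file. This command sets only a CN and, with a default OpenSSL configuration, no subjectAltName, which current browsers and many TLS clients require; the ssl.conf method further down adds one.

# /etc/fail2ban/jail.local
[DEFAULT]
default_backend = systemd
logtarget = SYSTEMD-JOURNAL

# /etc/fail2ban/jail.d/named.conf
[named-refused-tcp]
backend = systemd

How to check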
journalctl -r
less /var/log/fail2ban.log
fail2ban-client status
or
fail2ban-client status sshd
or
fail2ban-client status ooxxooxx   (ooxxooxx = the jail name)
https://blog.kkbruce.net/2020/01/linux-windows-container-add-cert.html?fbclid=IwAR0d_LhzAYwatOZ-Ibl4mK7Ne-iAViwKT_UWcj0Wg52YlHTKzSFNDWcp-Hk#more
ubuntu
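Copy the certificate (PEM format, .crt extension) into /usr/local/share/ca-certificates, then run:
update-ca-certificates
windows
Import-Certificate -FilePath ooxx -CertStoreLocation ooxx
(ooxx = placeholders: the path to the certificate file, and the target certificate store)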
const https = require('https');
export async function GetUserinfo(Token) {
  console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"])
  process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
  console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"])
  const baseURL = 'https://openid.hydra:9001';
  const userinfoURL = '/userinfo';
  axios({
    method: 'get',
    headers: { 'Authorization': 'Bearer ' + Token, 'accept': 'application/json' },
    httpsAgent: new https.Agent({ rejectUnauthorized: false, ecdhCurve: 'auto' }),
    url: userinfoURL,
    baseURL: baseURL,
    responseType: 'json'
  }).then(function (response) {

Note: setting process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0 is not needed and adds nothing here. The httpsAgent option already covers this request, whereas the environment variable switches off certificate verification for every TLS connection the process makes.
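Error: self signed certificate
Answer: rejectUnauthorized: false on the https.Agent. This turns off certificate verification for the request, so the bearer token is sent to whichever server answers. To keep verification on, trust the self-signed certificate instead, e.g. pass it through the agent's `ca` option or set NODE_EXTRA_CA_CERTS.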
Error: HTTPS requests to the API fail with 'sslv3 alert handshake failure'
Answer: set ecdhCurve: 'auto' on the https.Agent
https://blog.miniasp.com/post/2019/02/25/Creating-Self-signed-Certificate-using-OpenSSL
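目前這個方式比較靠譜
建立 ssl.conf 設定檔
Note: an IP address in [alt_names] is normally written as an IP entry (IP.1 = 192.168.2.100) rather than a DNS entry, because clients match IP hosts only against iPAddress SANs.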
[req] prompt = no default_md = sha256 default_bits = 2048 distinguished_name = dn x509_extensions = v3_req [dn] C = TW ST = Taiwan L = Taipei O = Duotify Inc. OU = IT Department emailAddress = admin@example.com CN = localhost [v3_req] subjectAltName = @alt_names [alt_names] DNS.1 = *.localhost DNS.2 = localhost DNS.3 = 192.168.2.100 openssl req -x509 -new -nodes -sha256 -utf8 -days 3650 -newkey rsa:2048 -keyout server.