I will try to keep this short and to the point.

If you work in a Windows/Linux mixed environment, you may come across a scenario where you need to move SSL certificates and private keys from a Windows server using IIS to Linux running Apache or similar.

Windows and Linux tend to use two different key formats and this can make things tricky. Today I want to briefly write down/share the commands you can run using the OpenSSL framework to convert a Windows PFX formatted exported certificate into something Apache can use. (more…)

If you are in a decently secure network your Active Directory domain controllers are “silo’d” off from all of your workstations and member servers. This is good, however, if your internal firewalls aren’t configured properly it can cause all kinds of headache for day-to-day domain operations.

Update: You might also want to checkout this article about Windows File Sharing – what ports are used and why? It answers a lot of basic questions about Windows File sharing technology and debunks a lot of misinformation (a lot of which you probably believe if you have been a Windows Admin for any length of time like myself…): Windows File Sharing: Facing the Mystery

So to that point, I have compiled a quick list of ports that need to be open in both directions for your domain to function appropriately (This was updated on 3-27-2017 to add TCP 5722… Somehow I missed this one for a long time…):

I have been doing a bit of cleaning house lately and have no less than 7 old hard drives sitting in my office. So I had a few questions to answer. First… are they usable? Second, if they aren’t, how can I securely dispose of them? (more…)

I have been using powershell to automate Internet Explorer interactions with a web application with a login page in our internal environment at work. I ran into an issue with my script because the page I was trying to access was secured with SSL and we were using a self-signed certificate. This causes Internet Explorer to redirect to a warning page rather than going straight to the site. I needed a way to bypass this warning page in code and I finally came up with a solution I am sharing here.

Normally I dive into articles like this with an assumption that people know everything I am talking about. This will be a bit different because on this topic I feel pretty green myself. As this is a fresh subject for me, I am going to treat it as a fresh subject for you. That being said, we are actually going to be working with a somewhat complex script by the time we are done and if you pickup most of the concepts along the way you are going to be off at a sprint with Powershell scripting.

In this article, let us review how to generate private key file (server.key), certificate signing request file (server.csr) and webserver certificate file (server.crt) that can be used on Apache server with mod_ssl.

Source: How To Generate SSL Key, CSR and Self Signed Certificate For Apache


The above linked article is an excellent overview that is right to the point for generating SSL keys on a linux server. The instructions include generating a CSR (certificate signing request) that can be sent to a third-party cert authority to get yourself a full-fledged certificate file in addition to instructions on generating a self-signed certificate (often used for testing but handy for a myriad of other things…)


I would also recommend you take a look at this link if you need to generate a key without a passphrase: http://serverfault.com/questions/366372/is-it-possible-to-generate-rsa-key-without-pass-phrase