Bicycle Tour Packing List

April 28, 2019

Starting tomorrow I will head down to Athen (Greece) and the cycle to Dubrovnik (Croatia) during 3 weeks. Packing everything was quite bothersome, luckily there are tons of packing list. It seems you are almost obligated to publish yours if you go on a trip. So here goes mine:

Read More...



Brie, pain et vin en Provence

April 24, 2019

During the extended easter weekend I did a short trip with friends to the Provence. Despite the place is quite close to Switzerland the landscape is fairly different and unfamiliar. We lent a VW camper, drove through national parks and enjoyed the local food. Althought we only went there for four days we got mesmerized by the artistic villages and excellent vine 😉.

Read More...



Package Java Spring Boot service into rpm

April 12, 2019

This post is a follow-up to my last post The final rpm packaging guide. What I did not cover in the “final” guide was how to deal with the common case of packaging a service. In this post we are going to build a simple java spring boot application and package it as a systemd service into an rpm.

Read More...



The final rpm packaging guide

March 20, 2019

A customer required that every component of a software project I worked for is delivered as rpm.

This was problematic for Apache ActiveMQ Artemis as there is no rpm available.

But, the maintainer publishes a binary tarball and this is all we need to build an rpm.

So in this post I am going to show how to build an rpm from a tarball and explain the rpm build process in detail.

Read More...



Generate PEM key- and truststores With Puppet

March 7, 2019

This post is a follow-up of Generate pkcs12 key- and truststores with Puppet.
In this post we are going to create PEM key- and truststores with Puppet.

PEM files are base64 encoded X.509 certificates. Enclosed between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- multiple PEM files can be concatinated into key- and truststores. And that is exactly what we are going to do using a Puppet manifest.

Read More...



Bash SSH host auto completion

February 21, 2019

By default the ssh command does not support auto completion for host names. However, it stores all hosts you have accessed in the ~/.ssh/known_hosts file. We can take this data and use it for an auto completion function.

Read More...



Changing Habits - Meat Consumption

February 18, 2019

I would like to start a series about changing habits. In this series I want to ask a simple question about an habit I have and try to answer it from an economic point of view.

In this first post (and hopefully not the last) I would like to know if I should stop eating meat?

Read More...



Generate pkcs12 key- and truststores with Puppet

January 30, 2019

In my last post I have showed how to generate pkcs12 key- and truststores using openssl and keytool.

For this post we assume that we want to automate the store assembling with Puppet. Puppet is a configuration management tool that shares many ideas with Ansible. In the world of Puppet you define a manifest file that describes a state of how a file, service or any type of resource should look like. Puppet applies these manifests and makes sure that the targeted system reaches the defined state.

Read More...



Create pkcs12 key- and truststore with keytool and openssl

January 22, 2019

In my last post I’ve showed you how to create a custom certificate authority and sign a server cert using openssl without user interaction.

For this post I assume that we want to set up a webservice that requires a pkcs12 keystore. Using openssl and the java keytool we are going to create a pkcs12 store and add our ca cert, server cert and server key. Further, we assume that the application also requires a truststore containing the ca cert only.

Read More...



Create a certificate authority and sign server certificates without prompting using openssl

January 21, 2019

Most of the times people want to get a certificate for the hostname localhost, let’s encrypt wrote a nice post about this, but sometimes people want a certificate for any hostname. And further, signed by a custom CA and if possible should the key material be generated without user interaction. In this post I have covered the less likely case.

Read More...



1