Solaris tips

HTTPS Apache web server

The goal is to run HTTPS Apache web server using Let's Encrypt certificate.

Let's encrypt

In order to get a certificate from Let’s Encrypt, it is necessary to demonstrate control over the domain. With Let’s Encrypt, it is done by using software that uses the ACME protocol which typically runs on a web host. For Solaris (and other OSes), there is an ACME client available.

Deployment of ACME client in Solaris zone running Apache

  • install
$ ssh carmon
# pkg install -v gnu-tar

$ mkdir ~/scripts
$ cd ~/scripts
$ wget -O
$ ./ install
$ crontab -l
48 0 * * * "/home/dambi/"/ --cron --home "/home/dambi/" > /dev/null
  • issue a certificate
# chmod a+w /var/apache2/2.4/htdocs/
$ cd ~/
$ ./ --issue -d -w /var/apache2/2.4/htdocs/
  • install the certificate to Apache
$ ./ --install-cert -d --cert-file /etc/apache2/2.4/letsencrypt/ --key-file /etc/apache2/2.4/letsencrypt/ --fullchain-file /etc/apache2/2.4/letsencrypt/ --reloadcmd "svcadm refresh apache24"
$ chmod a+r /etc/apache2/2.4/letsencrypt/

Configure Apache to use Let's Encrypt certificates

# vim /etc/apache2/2.4/httpd.conf
Listen 80
Listen 443
LoadModule ssl_module libexec/
<VirtualHost *:80>
        Redirect /

<VirtualHost *:443>
        Protocols h2 http/1.1

        SSLEngine on
        SSLCertificateFile /etc/apache2/2.4/letsencrypt/
        SSLCertificateKeyFile /etc/apache2/2.4/letsencrypt/
# svcadm restart apache24

Jako alternativa viz článek Apache & Let's Encrypt na Rootu.

Howto remove password from pdf document

$ qpdf --password=YOURPASSWORD-HERE --decrypt input.pdf output.pdf

Howto merge pdf documents

$ pdfunite pdf1.pdf pdf2.pdf ... out.pdf


$ gs -sDEVICE=pdfwrite -dNOPAUSE -dQUIET -dBATCH -sOutputFile=out.pdf *.pdf

Howto convert plain text file to pdf

$ pr -f <file> | a2ps -1 -m -B --borders=no -o - | ps2pdf - - > /tmp/pr.pdf

Howto disable launching X on /dev/console

Can't just disable gdm(1m), since it takes care of launching Xnewt for Sun Ray thin clients. Instead, disabled just primary ConsoleKit seat by setting Hidden attribute to true in /etc/ConsoleKit/seats.d/ configuration file:

$ grep Hidden /etc/ConsoleKit/seats.d/

More info in console-kit-daemon(1m) man page.

Create new Mercurial repository

$ cd /data/hg
$ mkdir elektro
$ cd elektro
$ hg init
notes/solaris_tips.txt · Last modified: 2024/03/05 16:43 by admin
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0