2018/07/31

HTTP Server、SSL 操作與設定



Part 1: 自建 private key, 建立 CSR 申請第三方憑證
#private key, need password(keep it)
openssl genrsa -des3 -out private.key 2048

# certificate signing request (CSR)
openssl req -new -key private.key -out domaincsr.csr

#產生如下列問題:
Country Name (2 letter code) [XX]:TW => 填寫國名(兩碼),填完後按下enter
State or Province Name (full name) []:Taiwan =>填寫州或郡,填完後按下enter
Locality Name (eg, city) [Default City]:Taipei =>填寫城市名稱,填完後按下enter
Organization Name (eg, company) [Default Company Ltd]:MyCompany Inc =>填寫公司名稱,填完後按下enter
Organizational Unit Name (eg, section) []:IT Dept =>填寫部門名稱,填完後按下enter
Common Name (eg, your name or your server's hostname) []:www.mydomain.com =>填寫保護網域名稱,填完後按下enter
Email Address []: demo@mydomain.com=>填寫電子郵件地址(可不填),填完後按下enter
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password []: =>請留空白,按下enter
An optional company name []: =>填寫公司名稱(可不填),填完後按下enter

#利用 domaincsr.csr 申請第三方憑證

refrence url:
1. https://blog.longwin.com.tw/2014/08/apache2-ssl-create-build-setup-2014/
2. https://slproweb.com/products/Win32OpenSSL.html
3. http://wiki.gandi.net/zh-tw/ssl/dcv


Part 2: 申請到憑證之後下載憑證串鏈
至少包含 2 張憑證,分別是
1. 中繼憑證 (第三方單位會提供 or 直接下載)
ex: GandiStandardSSLCA2.pem

2. 第三方單位發下來的憑證 (第三方單位會提供 or 直接下載)
ex: mydomain.crt

Part 3: 製作 HTTP Server 憑證串
#產製沒有加密過的 private key
openssl rsa -in private.key -out server_no_pwd.key

#產製包含 key 和 第三方憑證 PEM 檔案
cat server_no_pwd.key > server.key

cat GandiStandardSSLCA2.pem mydomain.crt > server.pem

Part 4: 確認共有三個檔案內容:
1. 自行產生的 private key: server.key
2. 串聯的憑證: server.pem
3. 第三方認證公司發行的憑證: mydomain.crt


於 Apache2 的設定範例

ServerAdmin admin@mydomain.com.tw
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

SSLEngine on
SSLCertificateFile /var/www/html/gandi_key/server.pem
SSLCertificateKeyFile /var/www/html/gandi_key/server.key
SSLCertificateChainFile /var/www/html/gandi_key/mydomain.crt


SSLOptions +StdEnvVars


SSLOptions +StdEnvVars

BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown


於 Ngnix 的設定範例
# HTTPS server
server {
listen 443 ssl;
server_name mydomain.com.tw;
access_log C://data//BackendService//logs//access_log.log;

ssl_stapling on;
ssl_stapling_verify on;

ssl_certificate /ngnix/gandi_key/server.pem
ssl_certificate_key /ngnix/gandi_key/server.key

#ssl_session_cache shared:SSL:1m;
#ssl_session_timeout 5m;

#ssl_ciphers HIGH:!aNULL:!MD5;
#ssl_prefer_server_ciphers on;

ssl_trusted_certificate /ngnix/gandi_key/mydomain.crt

location / {
proxy_pass http://127.0.0.1:4001/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

2014/08/26

Installing Tomcat 7 + Postgres 9.3 on Amazon Linux


-------------------------------------------------------------------------------------------------------
Tomcat Part
-------------------------------------------------------------------------------------------------------

#install tomcat7

sudo yum install tomcat7-webapps tomcat7-docs-webapp tomcat7-admin-webapps
       
 

#auto startup


sudo chkconfig tomcat7 on
       
 

#redirect port


sudo /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

sudo /sbin/service iptables save
       
 

-------------------------------------------------------------------------------------------------------
Postgres Part
-------------------------------------------------------------------------------------------------------

Install from rpm/yum from postgres repo

In the files
/etc/yum.repos.d/amzn-main.repo
and
/etc/yum.repos.d/amzn-updates.repo add the following in the
block [amzn-main]:

///////////////////////////////////////
exclude=postgresql*
///////////////////////////////////////

Then, install the repo rpm and run yum
# Change to home directory to download the software


cd ~/
       
 
# Get the right postgresql package (Redhat 64 Bit)


wget http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm
       
 
# Install the package


sudo rpm -ivh pgdg-redhat93-9.3-1.noarch.rpm
sudo yum install postgresql93 postgresql93-server postgresql93-devel
       
 
# Check that the service is installed


sudo service postgresql-9.3 status
       
 
# should return "is stopped"

# init the DB


sudo service postgresql-9.3 initdb
       
 
# Start the DB

sudo service postgresql-9.3 start
       
 
# connect


sudo su - postgres
psql
       
 
# auto startup


sudo chkconfig postgresql-9.3 on
       
 
source

2014/07/11

Automatically Retry Failed Jobs in Quartz


Source: Automatically Retry Failed Jobs in Quartz

Retrying continuously until success:
If you want to keep trying over and over again until the job succeeds, all you have to do is throw a JobExecutionException with a flag to tell the scheduler to fire it again when it fails. The following code shows how:


class MyJob implements Job {
 
  public MyJob() {
  }
 
  public void execute(JobExecutionContext context)
                  throws JobExecutionException {
    try{
        //do something
    }
    catch(Exception e){
 
        Thread.sleep(10000); //sleep for 10 secs
 
        JobExecutionException e2 = new JobExecutionException(e);
        //fire it again
        e2.refireImmediately();
        throw e2;
    }
  }
}
       
 

Retrying n times:
It gets a bit more complicated if you want to retry a certain number of times only. You have to use a StatefulJob and hold a retryCounter in its JobDataMap, which you increment if the job fails. If the counter exceeds the maximum number of retries, then you can disable the job if you wish.




class MyJob implements StatefulJob {
 
  public MyJob() {
  }
 
  public void execute(JobExecutionContext context)
                                 throws JobExecutionException {
    JobDataMap dataMap = context.getJobDetail().getJobDataMap();
    int count = dataMap.getIntValue("count");
 
    // allow 5 retries
    if(count >= 5){
        JobExecutionException e = new JobExecutionException("Retries exceeded");
        //unschedule it so that it doesn't run again
        e.setUnscheduleAllTriggers(true);
        throw e;
    }
 
    try{
        //do something
 
        //reset counter back to 0
        dataMap.putAsString("count", 0);
    }
    catch(Exception e){
        count++;
        dataMap.putAsString("count", count);
        JobExecutionException e2 = new JobExecutionException(e);
 
        Thread.sleep(10000); //sleep for 10 secs
 
        //fire it again
        e2.refireImmediately();
        throw e2;
    }
  }
}
       
 

2014/05/03

Admob廣告收入


Admob廣告收入構成
收入=廣告展示量/1,000 * 千次展示收入
千次展示收入=點擊率 * 廣告單價
廣告單價,台灣大概0.1 USD,各國不一定
假設一個月
廣告展示量=100,000 次
點擊率 = (0.1%) 0.001
廣告收入=100000/1000*0.001*0.1=0.01USD
但是其他報告是說,
行動裝置平均每次點擊約有0.01 USD,一般網頁平均每次點擊約有0.1 USD
這報告告訴大家,錢真的不好賺啊 QQ

2013/02/28

PostgreSQL Binary Install in Win7



  • download binary files: http://www.enterprisedb.com/products-services-training/pgbindownload
  • unzip to c:\pgsql
  • create a batch file: setevn.bat:
      set PGHOME=C:\pgsql
      set PATH=%PGHOME%\bin;%path%
      set PGHOST=localhost
      set PGLIB=%PGHOME%\lib
      set PGDATA=%PGHOME%\data
  • as a system administrator to run the "command prompt"
  • execute the following script:
  •           C:\>cd C:\pgsql
      C:\pgsql>setenv.bat
      C:\pgsql>initdb.exe -D %PGDATA% -E UTF8 --locale=C
      C:\pgsql>pg_ctl.exe register -D %PGDATA% -N "PostgreSQL 918"

2012/12/26

SQL Server Table Schema 查詢與欄位定序



/*資料表*/
Select * From SysObjects Where xType='U' Order By Name

/*欄位*/
Select * From SysObjects A Inner Join SysColumns B On A.ID=B.ID Where A.xType='U' Order By A.Name,ColID

/*讀取SQL 資料表欄位結構的SQL 語法*/
Select A.Name As TableName,B.ColOrder As ColOrder,B.Name As ColName,C.Name As ColType,B.Length As ColLen,B.XPrec As ColPrecision,B.XScale As ColScale
From (SysObjects A Inner Join SysColumns B On A.ID=B.ID) Inner Join SysTypes C On B.XType=C.XType
Where A.XType='u'
Order By A.Name,B.ColOrder

/*修改欄位定序*/
ALTER TABLE MyTable ALTER COLUMN CharCol
varchar(10) COLLATE Chinese_Taiwan_Stroke

NGINX SSL/設定檔案

#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #...