xca – Graphical X.509 certificate management tool

If you are looking for some tool to manage X.509 certificates then probably xca is your best guess. This is  a graphical tool and you can open any file and view the keys in it.

So, first install it:

sudo yum install xca

And some information on xca::

Description :   X Certificate and Key management is a graphic interface for managing
: asymmetric keys like RSA or DSA, certificates and revocation lists. It is
: intended as a small CA for creation and signing certificates. It uses the
: OpenSSL library for the cryptographic operations.
:   Certificate signing requests (PKCS#10), certificates (X509v3), the signing
: of requests, the creation of self-signed certificates, certificate revocation
: lists and SmartCards are supported. For an easy company-wide use, customizable
: templates can be used for certificate and request generation. The PKI structures
: can be imported and exported in several formats like PKCS#7, PKCS#12, PEM,
: DER, PKCS#8. All cryptographic data are stored in a byte order agnostic file
: format, portable across operating systems.


Fedora.next – what is it?

Fedora.next is being much talked about but what it really is. If you want some insight’s and understand what it is, head over to this presentation.

A nice presentation that explains the concept for Fedora.next.


Sandbox apache (httpd) for better security.

Table of contents for Fedora Security

  1. Sandbox apache (httpd) for better security.

Apache/httpd is something which you would like to have contained. And now fedora provides a native way/mechanism to to so with virt-sandbox-service. With this, you can create a virtualized sanbox service and then connect/list/manage such with virsh.

We will be using LXC.

Basically its couple of commands and you have a contained service running.

# List all the containers
virsh -c lxc:/// list

# Create the sandbox, all default parameters. Will take dhcp address.
virt-sandbox-service create -C  --username amitag -u httpd.service httpd_conta

# Create the container with static IP.
virt-sandbox-service create -C  --username amitag -u httpd.service -N \
address=  httpd_conta#Enable and start the service.
virt-sandbox-service start httpd_conta
virt-sandbox-service enable httpd_conta#Delete the container if not required any more.
virt-sandbox-service delete  httpd_conta



Linux – Simple and Short

Scan ME
Scan ME