If you want to check the SSL certificate validation (expiry time, hostname match, self signed etc) using curl, you can do it by running
[code]curl -cacert URL_ADDRESS [/code]
Example : If you want to check the SSL certificate of GoDaddy
[code]curl -cacert https://www.godaddy.com [/code]
We spent the weekend with Sri and family and I got a chance to capture some nice shots of Sindhu and Virat. Kids are such a pleasure to take pictures of.. innocent, dont_care_how_I_look..giggly 🙂
Sindhu gazing at Virat 
Virat loving the attention 
Do you want my balloons? 
Are you looking at me? 
One happy family.. aren’t they beautiful?? 
Quick onliner on generating a MD5 fingerprint for a SSL certificate using openssl
[code]openssl x509 -noout -md5 -fingerprint -in NAME_OF_CERTIFICATE_FILE [/code]
If you don’t specify the -md5 option, you will get a SHA1 fingerprint.
“e” is the most used letter in the english language. It appears ~12.7% of the time in the language.
The next popular letter is “t“, which appears ~ 9.1% of the time.
And “a” takes the third spot at 8.1%..
How did I find this out? From the free Crypto class being provided by Dan Boneh from the Stanford University.
Pictures of sunrise over I-90 (highway) in Chicago. I challenged myself to take pictures of a sunrise in the middle of the road.. while I didn’t technically take these pictures from the middle of the road :).. I did take them from the roadside.
Complete collection at http://www.flickr.com/photos/kudithipudi/sets/72157629225713384/with/6984620639/
By default, most of the Linux distros limit the number of processes that a user can spawn. This is put in place to limit (un)intended cases when a process might just fork off processes without a limit and bring down a server.
For RHEL (and CentOS), the default is 1024 processes per user. In some cases, you do need to increase the number of processes that a particular user can spawn. For example if you are running a database or an application server, you definitely want to tweak this number because these apps tend to create a lot of threads.
As a side note, if you run into this limitation on a machine running jboss, you typically see an error with the following string in your server logs [code]java.lang.OutOfMemoryError: unable to create new native thread.[/code]
. Looking at the error, one would think it is related to memory issues :).
OK.. back to the subject at hand. Here is the process for identifying your limits and then tweaking them as required in RHEL or CentOS.
* soft nproc 2000[/code]
You can also check the limits of a particular user by finding a process ID being executed by that user and running [code]sudo cat /proc/PROCESS_ID/limits [/code]
One of the capabilities of Jboss is that it can serve HTTP traffic. By default Jboss does not log any of the HTTP traffic in it’s log files. Here is a quick howto on enabling this logging. This post is specific to Jboss 4.x (ancient!!) and I will post another one soon on how do it in version 5.x and newer.
Edit the server.xml file located in $JBOSS_HOME/servers/$PROFILE/deploy/jboss-web.deployer and replace the commented out access logger section as such
FROM
[code]<!–
<Valve className="org.apache.catalina.valves.AccessLogValve"
prefix="localhost_access_log." suffix=".log"
pattern="common" directory="${jboss.server.log.dir}"
resolveHosts="false" />
–> [/code]
TO
[code]<Valve className="org.apache.catalina.valves.AccessLogValve"
prefix="localhost_access_log." suffix=".log"
pattern="common" directory="${jboss.server.log.dir}"
resolveHosts="false" /> [/code]
This will start creating a file with the format localhost_access_log.CURRENT_DATE.log in the $JBOSS_HOME/server/$PROFILE/log folder
But it isn’t fun if you just leave the default logging right :). The pattern formats of common and combined are similar to the standard apache logging options. But if you wanted to have certain content and format in the log files, you have a lot of options. Jboss community has documented all the data that is exposed through this valve at http://docs.jboss.org/jbossweb/latest/api/org/apache/catalina/valves/AccessLogValve.html
So say, I want to log the referrer header, user agent and the value of a cookie called JSESSONID and log all this data into a file called jboss_web_access_log, I setup the options as such
[code]<Valve className="org.apache.catalina.valves.AccessLogValve"
prefix="jboss_web_access_log." suffix=".log"
pattern="%h %p %l %u %t %r %s %b ‘%{Referer}i’ ‘%{User-Agent}i’ ‘%{JSESSIONID}c’"
directory="${jboss.server.log.dir}"
resolveHosts="false" /> [/code]
If you ever wanted to check how many threads a particular process spawned off in Linux, you can use
Inspired by a G+ post by Thomas Weeks .
swap memory is something used by the OS to essentially swap data to and forth if the main memory is not available. It is several times slower than RAM, since it uses hard disk to store the memory. And if you are constantly swapping, your system performance is going to be impacted quite a lot. You should always ensure that your system is not swapping by adding the required RAM and/or stopping your application(s) from using so much memory. At times, because of spike in utilization, the OS might briefly use swap. And when it does, it doesn’t release the memory from swap. So from an analysis prospective, it makes it difficult to check (quickly) if your system is using swap or not. This is similar to errors on an interface in a router. Unless you clear them and monitor, you don’t know when the errors happened.
I was not aware that you could turn off swap devices while the OS is running and then enable them again. So here are the commands to do that in Linux
[code]swapoff -a[/code]
This essentially disables swap on all devices configured for swap in /etc/fstab
[code]swapon -a[/code]
This does the opposite of the first command. Enabled swap on all devices that have swap configured.
Tom put this into a nice alias by doing the following
[code]alias unswap=’sudo swapoff -a && sudo swapon -a'[/code]
Thx Tom…
