User:Alvonruff/HTTPS Notes
Jump to navigation
Jump to search
Apache
- dnf install mod_ssl
- systemctl restart httpd
- httpd -M
- cd /etc/httpd/conf.d
- Create file isfdb2.org.conf
- Add the following contents:
<VirtualHost *:80> ServerName stage.isfdb2.org DocumentRoot /var/www/html ServerAlias isfdb2.org ErrorLog /var/www/error.log CustomLog /var/www/requests.log combined </VirtualHost>
- service httpd restart
Certificate Support Software
- dnf install epel-release
- dnf install snapd
- dnf install certbot
- dnf install python3-certbot-apache
Certificates
- certbot --apache
- Select isfdb2.org
- systemctl restart httpd
The New Password Algorithm
wikiPass = record[0][1] # Extract the various fields stored in the user_password field fields = string.split(str(wikiPass), ":") encryption = fields[1] hashAlgo = fields[2] cost = int(fields[3]) keylen = int(fields[4]) # Decode the salt and key fields base64_salt = fields[5] base64_key = fields[6] salt = base64.b64decode(base64_salt) dbaseKey = base64.b64decode(base64_key) submittedKey = pbkdf2_hmac(hashAlgo, password.encode('utf-8'), salt, cost) if binascii.hexlify(submittedKey) != binascii.hexlify(dbaseKey): doError('Bad password')
Issues to Resolve
- The front page is still labeled insecure, while all other pages seem ok.
- This cleared up, but unsure why.
- Can not log into the wiki, nor the isfdb
- Clearing out the cookies fixed the wiki issue.
- Mediawiki is using pbkdf2, while isfdb is using md5, so the next step is obvious...
- Prepending www doesn't seem to work:
- If we traverse from an external site (or the web browser) to a www.isfdb2.org URL, it works (as it should)
- If we configure the isfdb variables to www.isfdb2.org, it does not work
- As such, this is likely not an issue.