Updating erlang-ssl

First step is to upgrade old and vulnerable to POODLE atack erlang-ssl pack to newer version

Debian 7 Wheezy

echo "deb http://packages.erlang-solutions.com/debian wheezy contrib" >> /etc/apt/sources.list.d/erlang.list
wget -O - http://packages.erlang-solutions.com/debian/erlang_solutions.asc | apt-key add -
apt-get update && apt-get install erlang-ssl

Creating and using self-signed cert

Generate using script

wget https://raw.githubusercontent.com/SystemZ/rabbitmq-server-cert/master/ssl_certs.sh
wget https://raw.githubusercontent.com/SystemZ/rabbitmq-server-cert/master/openssl.cnf
chmod +x ssl_certs.sh
./ssl_certs.sh generate

Copy to config files

mkdir /etc/rabbitmq/ssl
cp server_key.pem /etc/rabbitmq/ssl/
cp server_cert.pem /etc/rabbitmq/ssl/
cp testca/cacert.pem /etc/rabbitmq/ssl/

Testing certs

It’s optional but recommended, you’ll have guarantee that everything is working as it should

In first terminal

openssl s_server -accept 8443 -cert /etc/rabbitmq/ssl/server_cert.pem -key /etc/rabbitmq/ssl/server_key.pem -CAfile /etc/rabbitmq/ssl/cacert.pem

In second terminal

openssl s_client -connect localhost:8443 -cert /etc/rabbitmq/ssl/server_cert.pem -key /etc/rabbitmq/ssl/server_key.pem -CAfile /etc/rabbitmq/ssl/cacert.pem

You should have mini-encrypted chat in both terminals and “OK” in second, try it by entering text and pressing return

Creating config for rabbitmq

/etc/rabbitmq/rabbitmq.config

[
    {rabbit, [
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},
                   {certfile,"/etc/rabbitmq/ssl/server_cert.pem"},
                   {keyfile,"/etc/rabbitmq/ssl/server_key.pem"},
                   {verify,verify_peer},
                   {fail_if_no_peer_cert,true}]}
  ]}
].

Remember to restart daemon

service rabbitmq-server restart

Using SSL in apps

PHP

https://github.com/rabbitmq/rabbitmq-tutorials/tree/master/php

Troubleshooting

https://www.rabbitmq.com/troubleshooting-ssl.html

Installing RabbitMQ-server

Debian/Ubuntu

Login as privileged user with su or add sudo when necessary

Add official repo and key

echo "deb http://www.rabbitmq.com/debian/ testing main" >> /etc/apt/sources.list.d/rabbitmq.list
wget -O - http://www.rabbitmq.com/rabbitmq-signing-key-public.asc | apt-key add -

Update packages list and install rabbitmq

apt-get update && apt-get install rabbitmq-server

Set max number of open file handles

echo "ulimit -n 1024" >> /etc/default/rabbitmq-server

Enable web management plugin

rabbitmq-plugins enable rabbitmq_management

Restart service

service rabbitmq-server restart

Using web interface

RabbitMQ http interface RabbitMQ web interface listing connections RabbitMQ web interface showing users and adding users
Awesome out of the box experience!

just point your browser @ http://localhost:15672/ or if you are using remote machine, forward it to your PC by

ssh -L 15672:127.0.0.1:15672 example.com

then it will be available at http://localhost:15672/

Edit 2015-02-15: Default password for RabbitMQ web interface is guest/guest

Using queue in app

Go to get started @ official site, there are friendly tutorials for langs

  • Python
  • Java
  • Ruby
  • PHP
  • C#

and other via github client libs

Using queue in app with SSL/TLS

Connecting with SSL is not covered in official guide.
Go to my post about SSL in RabbitMQ

Debian/Ubuntu

On Debian log as root user with su command, on Ubuntu add sudo before apt-get

apt-get install rkhunter #install 
rkhunter --update #update signatures
rkhunter --check #run scan

Jekyll static generator logo

Are you bored with standard WordPress problems such as:

  • performance
  • security
  • crappy plugins

You just want to publish simple posts and host it even with AWS S3 or Github pages?
Use one of the many static generators.

Jekyll is the most popular choice, it’s written in Ruby but even if you don’t know this language it will be fine because it’s using markdown syntax
Below I’m providing 2min-to-see-effect solution with ready to use theme.

Jekyll TL;DR on Ubuntu 14.04

Install Jekyll and theme

sudo apt-get install make ruby-dev ruby nodejs
sudo gem install bundler jekyll
git clone https://github.com/mmistakes/hpstr-jekyll-theme.git blog
cd blog
bundle install

Start local webserver

bundle exec jekyll serve -w

Now you can visit localhost:4000 for your Jekyll blog!

Build

bundle exec jekyll build

How to use

You can find detailed info about theme config and customization here: https://mmistakes.github.io/hpstr-jekyll-theme/theme-setup/

More themes - http://jekyllthemes.org/