
OpenSSL - useful commands


Disclaimer

This is only for my reference purpose. Don't use this article. If you want a reliable source consider reading the original post here https://www.kinamo.be/en/support/faq/useful-openssl-commands

Certificate requests and key generation

Typically, when you order a new SSL certificate you must generate a CSR (certificate signing request), together with a new private key:

openssl req -sha256 -nodes -newkey rsa:2048 -keyout www.server.com.key -out www.server.com.csr
Generate a new certificate request using an existing private key:
openssl req -new -sha256 -key www.server.com.key -out www.server.com.csr
Generate a certificate request starting from an existing certificate:
openssl x509 -x509toreq -in www.server.com.crt -out www.server.com.csr -signkey www.server.com.key
Generate a new RSA private key:
openssl genrsa -out www.server.com.key 2048
Encrypt a private key with a passphrase:
openssl rsa -in www.server.com.key -out www.server.com.key -des3
Remove a passphrase from an encrypted private key:
openssl rsa -in www.server.com.key -out www.server.com.key
Generate a new ECC private key:
openssl ecparam -out server.key -name prime256v1 -genkey

Create a self-signed certificate

Generate a self-signed certificate for testing purposes with one year validity period, together with a new 2048-bit key:

openssl req -x509 -newkey rsa:2048 -nodes -keyout www.server.com.key -out www.server.com.crt -days 365

View and verify certificates

Check and display a certificate request (CSR):
openssl req -noout -text -verify -in www.server.com.csr
Verify and display a key pair:
openssl rsa -noout -text -check -in www.server.com.key
View a PEM-encoded certificate:
openssl x509 -noout -text -in www.server.com.crt
View a certificate encoded in PKCS#7 format:
openssl pkcs7 -print_certs -in www.server.com.p7b
View a certificate and key pair encoded in PKCS#12 format:
openssl pkcs12 -info -in www.server.com.pfx
Verify an SSL connection and display all certificates in the chain:
openssl s_client -connect www.server.com:443
Check whether a certificate, a certificate request and a private key have the same public key:
openssl x509 -noout -modulus -in www.server.com.crt | openssl sha256
openssl req -noout -modulus -in www.server.com.csr | openssl sha256
openssl rsa -noout -modulus -in www.server.com.key | openssl sha256
Check a certificate and its intermediate certificate chain for web server purposes:
openssl verify -purpose sslserver -CAfile certificatebundle.pem -verbose www.server.com.crt
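
The three -modulus commands above only work for RSA keys. As an added example (not from the original post), the script below compares the public key itself, so it also covers ECC keys such as the prime256v1 key generated earlier. The function names and the throwaway sample files are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): key-type-agnostic matching.

# Print the SHA-256 of the PEM public key found in a cert, CSR or private key.
# $1 = cert|csr|key, $2 = PEM file. Fails instead of hashing empty output.
pubkey_digest() {
  local pem
  case "$1" in
    cert) pem=$(openssl x509 -noout -pubkey -in "$2" 2>/dev/null) ;;
    csr)  pem=$(openssl req -noout -pubkey -in "$2" 2>/dev/null) ;;
    key)  pem=$(openssl pkey -pubout -in "$2" 2>/dev/null) ;;
    *)    return 2 ;;
  esac
  [ -n "$pem" ] || return 1
  printf '%s\n' "$pem" | openssl sha256 -r | cut -d' ' -f1
}

# Return 0 only if certificate, CSR and private key share one public key.
same_keypair() {
  local c r k
  c=$(pubkey_digest cert "$1") || return 2
  r=$(pubkey_digest csr "$2") || return 2
  k=$(pubkey_digest key "$3") || return 2
  [ "$c" = "$r" ] && [ "$c" = "$k" ]
}

# Constructed sample material: a throwaway EC key, CSR and self-signed
# certificate, plus an unrelated RSA key, all in a temporary directory.
make_samples() {
  local d
  d=$(mktemp -d) || return 1
  openssl ecparam -name prime256v1 -genkey -noout -out "$d/ec.key" 2>/dev/null
  openssl req -new -sha256 -key "$d/ec.key" -subj "/CN=www.server.com" \
    -out "$d/ec.csr" 2>/dev/null
  openssl req -new -x509 -sha256 -key "$d/ec.key" -subj "/CN=www.server.com" \
    -days 1 -out "$d/ec.crt" 2>/dev/null
  openssl genrsa -out "$d/other.key" 2048 2>/dev/null
  echo "$d"
}

d=$(make_samples)
same_keypair "$d/ec.crt" "$d/ec.csr" "$d/ec.key" && echo "EC set: match"
same_keypair "$d/ec.crt" "$d/ec.csr" "$d/other.key" || echo "other.key: mismatch"
rm -rf "$d"
```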

Certificate conversion

Conversion of PKCS#12 (.pfx, .p12; typically used on Microsoft Windows) files with private key and certificate to PEM (typically used on Linux):
openssl pkcs12 -nodes -in www.server.com.pfx -out www.server.com.crt
Conversion of PEM to PKCS#12:
openssl pkcs12 -export -in www.server.com.crt -inkey www.server.com.key -out www.server.com.pfx
Conversion of PKCS#7 format (.p7b, .p7c) to PEM:
openssl pkcs7 -print_certs -in www.server.com.p7b -out www.server.com.crt  
Conversion of PEM format to PKCS#7:
openssl crl2pkcs7 -nocrl -certfile www.server.com.crt -out www.server.com.p7b
Conversion of DER (.crt, .cer or .der) to PEM:
openssl x509 -inform der -in certificate.cer -out certificate.pem
Conversion from PEM to DER format:
openssl x509 -outform der -in certificate.pem -out certificate.cer

Checking SSL Connections

This will output the website's certificate, including any intermediate certificates. The -connect option takes host:port, not a URL:

openssl s_client -connect www.server.com:443

Checking certificate validity with openssl command

openssl s_client -showcerts -servername <domain> -connect <domain>:443 </dev/null 

Example:

openssl s_client -showcerts -servername google.com -connect google.com:443 </dev/null 
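
The s_client output lists the certificates but does not say how long they remain valid. As an added example (not from the original post), the function below classifies a PEM certificate file with openssl x509 -checkend; the function names, the 30-day default window and the throwaway sample certificates are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): classify a PEM certificate
# by how close it is to its notAfter date.

# $1 = PEM certificate file, $2 = warning window in days (default 30).
# Prints "ok", "expiring" or "expired"; returns 2 if $1 is not a certificate.
cert_expiry_state() {
  local file="$1" days="${2:-30}"
  openssl x509 -noout -in "$file" >/dev/null 2>&1 || return 2
  # -checkend N exits non-zero when the certificate expires within N seconds.
  if ! openssl x509 -noout -checkend 0 -in "$file" >/dev/null 2>&1; then
    echo expired
  elif ! openssl x509 -noout -checkend "$((days * 86400))" -in "$file" >/dev/null 2>&1; then
    echo expiring
  else
    echo ok
  fi
}

# Constructed sample: a throwaway self-signed certificate valid for $1 days,
# created in a temporary directory. Prints the path of the certificate.
make_sample_cert() {
  local d
  d=$(mktemp -d) || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$d/test.key" \
    -out "$d/test.crt" -days "$1" -subj "/CN=www.server.com" 2>/dev/null || return 1
  echo "$d/test.crt"
}

short=$(make_sample_cert 1)
long=$(make_sample_cert 365)
echo "1-day cert:   $(cert_expiry_state "$short")"
echo "365-day cert: $(cert_expiry_state "$long")"
rm -rf "$(dirname "$short")" "$(dirname "$long")"
```

For a live host, pipe the s_client command above into openssl x509 -out server.crt to save the server certificate, then pass that file to the function.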

Listing Available Resource/Sub-resource Name for RBAC k8s Configuration

_list=($(kubectl get --raw / |grep "^    \"/api"|sed 's/[",]//g')); for _api in ${_list[@]}; do _aruyo=$(kubectl get --raw ${_api} | jq .resources); if [ "x${_aruyo}" != "xnull" ]; then echo; echo "===${_api}==="; kubectl get --raw ${_api} | jq -r ".resources[].name"; fi; done > resources.txt

Please look for the original article here Tannhäuser Ruan. Don't use this blog entry, this is just for further reference.

Using vanilla Javascript to strip accents


The following example is a good one to use in Pentaho DI to map string values to a form without any accentuation:

// Replace accented Latin characters with their plain equivalents.
// The input is lower-cased for matching and the result is returned upper-cased.
var accentsTidy = function (s) {
    var r = s.toLowerCase();
    // r = r.replace(new RegExp(/\s/g), ""); // uncomment if you also want to strip spaces
    r = r.replace(new RegExp(/[àáâãäå]/g), "a");
    r = r.replace(new RegExp(/æ/g), "ae");
    r = r.replace(new RegExp(/ç/g), "c");
    r = r.replace(new RegExp(/[èéêë]/g), "e");
    r = r.replace(new RegExp(/[ìíîï]/g), "i");
    r = r.replace(new RegExp(/ñ/g), "n");
    r = r.replace(new RegExp(/[òóôõö]/g), "o");
    r = r.replace(new RegExp(/œ/g), "oe");
    r = r.replace(new RegExp(/[ùúûü]/g), "u");
    r = r.replace(new RegExp(/[ýÿ]/g), "y");
    // r = r.replace(new RegExp(/\W/g), ""); // uncomment if you also want to strip non-word chars
    return r.toUpperCase();
};

var str = accentsTidy("Internacionalização"); // "INTERNACIONALIZACAO"

Reference: https://stackoverflow.com/questions/990904/remove-accents-diacritics-in-a-string-in-javascript

Remove password from key/pem


When you generate a new SSL certificate whose private key is protected with a password, your web server asks for that password every time it restarts, with the following prompt:

Enter PEM pass phrase:

That's annoying after 20239482309 changes, so let's remove that password:

openssl rsa -in csr_with_pwd.key -out csr_no_pwd.key
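
Once the passphrase is gone, file permissions are the only thing protecting the key on disk. As an added example (not from the original post), the function below performs the same openssl rsa conversion but writes the plaintext key with owner-only permissions and leaves nothing behind if the passphrase is wrong. The KEY_PASS variable, the function names and the sample passphrase are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). KEY_PASS and the function
# names are assumptions; the passphrase below is a constructed sample value.

# Write an unencrypted copy of RSA key $1 to $2, readable by the owner only.
# The passphrase comes from $KEY_PASS so no prompt is needed.
strip_passphrase() {
  local src="$1" dst="$2" tmp
  # mktemp creates the file with mode 0600 before any key material is written.
  tmp=$(umask 077; mktemp "$dst.XXXXXX") || return 1
  if openssl rsa -in "$src" -passin env:KEY_PASS -out "$tmp" 2>/dev/null \
     && ! grep -q ENCRYPTED "$tmp" \
     && openssl rsa -noout -check -in "$tmp" >/dev/null 2>&1; then
    chmod 600 "$tmp" && mv "$tmp" "$dst"
  else
    rm -f "$tmp"   # wrong passphrase or damaged key: leave nothing behind
    return 1
  fi
}

# Return 0 if the file's mode is exactly rw------- (owner read/write only).
owner_only() {
  [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Demo on a throwaway encrypted key in a temporary directory.
w=$(mktemp -d)
KEY_PASS='constructed-pass'; export KEY_PASS
openssl genrsa -aes256 -passout env:KEY_PASS -out "$w/csr_with_pwd.key" 2048 2>/dev/null
strip_passphrase "$w/csr_with_pwd.key" "$w/csr_no_pwd.key" \
  && owner_only "$w/csr_no_pwd.key" && echo "passphrase removed, mode 600"
rm -rf "$w"
```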

Elasticsearch General commands


Setting the number of replicas

curl -XPUT -H 'Content-Type: application/json' http://10.21.152.133:9200/_settings -d '{ "number_of_replicas" :0 }'
curl -XPUT -H 'Content-Type: application/json' http://10.21.152.133:9200/_settings -d '{ "number_of_replicas" :1 }'

Enabling automatic shard allocation routing. This is good to do after a restart; before restarting, the value should be none

curl -XPUT -H 'Content-Type: application/json' http://10.21.152.133:9200/_cluster/settings -d '
{
"transient" : {
"cluster.routing.allocation.enable": "all"
}
}'

Mapping the health of the cluster's indices

curl -s "http://10.21.152.133:9200/_cluster/health?level=indices" | \
jq '.indices | map_values(.status)'

Overall cluster health

http://10.21.152.133:9200/_cluster/health?pretty

Server status

http://10.21.152.133:9200/_stats 

Showing settings

http://10.21.152.133:9200/_settings?pretty

Showing the status of the indices (STARTED vs. UNASSIGNED)

http://10.21.152.133:9200/_cat/shards?v&pretty

Allocation status

http://10.21.152.133:9200/_cluster/allocation/explain?pretty

Checking the stats of an index

http://10.21.152.133:9200/.kibana/_stats

Copying an index from a remote server

POST _reindex
{
"source": {
"remote": {
"host": "http://otherhost:9200",
"username": "user",
"password": "pass"
},
"index": "source",
"query": {
"match": {
"test": "data"
}
}
},
"dest": {
"index": "dest"
}
}

Reindexing daily indices

POST _reindex
{
"source": {
"index": "metricbeat-*"
},
"dest": {
"index": "metricbeat"
},
"script": {
"lang": "painless",
"source": "ctx._index = 'metricbeat-' + (ctx._index.substring('metricbeat-'.length(), ctx._index.length())) + '-1'"
}
}

Other reindex operations:

https://www.elastic.co/guide/en/elasticsearch/reference/6.8/docs-reindex.html

https://www.elastic.co/guide/en/elasticsearch/reference/5.4/docs-reindex.html

IntelliJ IDEA tuning configuration


On my workstation I use an i5 (7th gen) with 16 GB RAM. So I tuned my idea.vmoptions in order to get better IntelliJ IDEA performance.

That is:

-Xms881m
-Xmx2048m
-XX:ReservedCodeCacheSize=512m
-XX:+PerfDisableSharedMem
-XX:+UseG1GC
-XX:MaxGCPauseMillis=100

Bypassing AUR package installation when PGP signatures verification fails


When I was installing PGADMIN3 on my Manjaro/Arch Linux distro, I got this error output:

==> Verifying source file signatures with gpg...
pgadmin3-1.22.2.tar.gz ... FAILED (unknown public key 24ADFAAF698F1519)
==> ERROR: One or more PGP signatures could not be verified!

To solve this problem I just ran the following command to get my problems solved:

gpg --recv-keys 24ADFAAF698F1519     

That's it! That worked well.