What Are You Doing Right Now
-
Wondering how do people here apply certificates to internal websites?
e.g. A unifi controller, so when I visit https://unifi01 I don't get the warning.Do you use external provider like 123reg and buy a SSL cert or do something internal?
-
@hobbit666 said in What Are You Doing Right Now:
Wondering how do people here apply certificates to internal websites?
e.g. A unifi controller, so when I visit https://unifi01 I don't get the warning.Do you use external provider like 123reg and buy a SSL cert or do something internal?
Normal old school certs from GoDaddy or Digicert apply easily to these situations, you create a CSR, export it, use that information on the cert providers website, export your cert from them, install it on your internal host - done.
This isn't so easy to do with Let's Encrypt. This is because LE needs to check your ownership of a website by having direct access to that website.
That said, assuming you do have a website, you can have LE include a SAN, which is your internal servername, export the cert from the externally facing site, after LE installs the cert, then import that cert to your internal server. Then manually do that process whenever the cert is updated on the external server.
-
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
-
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
-
@dashrender Did start reading a guide on using Lets Encrypt but with some automation to renew the cert every x days.
-
work, email,... research,.. and updating from Ubuntu 17.04 to 17.1..
-
@eddiejennings said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
Yeah, he's really struggling with the basics of like "what is a network".
-
It's odd because, for Linux, being on a domain doesn't make sharing files between them easier. For the use case listed it would add near zero benefit.
-
@coliver said in What Are You Doing Right Now:
It's odd because, for Linux, being on a domain doesn't make sharing files between them easier. For the use case listed it would add near zero benefit.
Nearly the same is true for Windows. Joining a domain doesn't alone make any file sharing happen.
-
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
Wow. I read what he posted. He doesn't even seem to know what he wants/needs to do with the Raspberry Pis.
-
@penguinwrangler said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
Wow. I read what he posted. He doesn't even seem to know what he wants/needs to do with the Raspberry Pis.
Exactly. Even just talking at a description level, he has no idea what he's trying to accomplish or what has been tried. It drives me crazy when Windows people blame Linux when the issue is he doesn't know computers or networking. How does using a Linux device cause him to not know how networking works, what a Domain is, what drive shares are, what an access point it, what a bridge is, what his job is, or what a PC is?
-
@scottalanmiller said in What Are You Doing Right Now:
@eddiejennings said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
Yeah, he's really struggling with the basics of like "what is a network".
With people like that, I usually step back and ask, what are we trying to accomplish? What end result do you want. They usually can tell you that, then you now how to handle it.
-
@penguinwrangler said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@eddiejennings said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
Yeah, he's really struggling with the basics of like "what is a network".
With people like that, I usually step back and ask, what are we trying to accomplish? What end result do you want. They usually can tell you that, then you now how to handle it.
I did, and he had no idea.
-
@penguinwrangler said in What Are You Doing Right Now:
They usually can tell you that, then you now how to handle it.
It's less common than you think. If he really knew what he wanted to do, chances are you could have looked it up in minutes. The issue is that he wants us to figure out what he should do based solely on the fact that there is Linux and... an employee.
-
@scottalanmiller said in What Are You Doing Right Now:
@penguinwrangler said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@eddiejennings said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
Yeah, he's really struggling with the basics of like "what is a network".
With people like that, I usually step back and ask, what are we trying to accomplish? What end result do you want. They usually can tell you that, then you now how to handle it.
I did, and he had no idea.
I know, I read that. I have to think that he is not (please for the love of our profession) actually an IT person.
-
@dashrender said in What Are You Doing Right Now:
@hobbit666 said in What Are You Doing Right Now:
Wondering how do people here apply certificates to internal websites?
e.g. A unifi controller, so when I visit https://unifi01 I don't get the warning.Do you use external provider like 123reg and buy a SSL cert or do something internal?
Normal old school certs from GoDaddy or Digicert apply easily to these situations, you create a CSR, export it, use that information on the cert providers website, export your cert from them, install it on your internal host - done.
This isn't so easy to do with Let's Encrypt. This is because LE needs to check your ownership of a website by having direct access to that website.
That said, assuming you do have a website, you can have LE include a SAN, which is your internal servername, export the cert from the externally facing site, after LE installs the cert, then import that cert to your internal server. Then manually do that process whenever the cert is updated on the external server.
LE does not require connectivity to your server. You can also use DNS authentication. Have been able to do it since late last year I do believe.
-
@penguinwrangler said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@penguinwrangler said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
@eddiejennings said in What Are You Doing Right Now:
@scottalanmiller said in What Are You Doing Right Now:
Everyone always blames not knowing Linux for not knowing computing basics. This thread he says he's all confused because it is Linux, but he obviously doesn't understand the Windows terms he's trying to use or just things like what a network is. He's literally mixing concepts like AD Domains and access points thinking that they are related. Understanding Windows at all would make Linux clear to him here.
"What does "hardwired to the network" mean to you?"
My first question when reading his post.
Yeah, he's really struggling with the basics of like "what is a network".
With people like that, I usually step back and ask, what are we trying to accomplish? What end result do you want. They usually can tell you that, then you now how to handle it.
I did, and he had no idea.
I know, I read that. I have to think that he is not (please for the love of our profession) actually an IT person.
Does that make it better? Someone outside of IT should know even more to talk in goal terms and not throw technical terms about.
-
@coliver said in What Are You Doing Right Now:
It's odd because, for Linux, being on a domain doesn't make sharing files between them easier. For the use case listed it would add near zero benefit.
is that true? If a Linux box is part of a domain, it's not easier to map a SMB share? i.e. don't need to provide credentials when making the connection?
-
@dashrender said in What Are You Doing Right Now:
@coliver said in What Are You Doing Right Now:
It's odd because, for Linux, being on a domain doesn't make sharing files between them easier. For the use case listed it would add near zero benefit.
is that true? If a Linux box is part of a domain, it's not easier to map a SMB share? i.e. don't need to provide credentials when making the connection?
You'd still have provide credentials. It makes no part of the mapping easier, at least to my knowledge.
-
@jaredbusch said in What Are You Doing Right Now:
@dashrender said in What Are You Doing Right Now:
@hobbit666 said in What Are You Doing Right Now:
Wondering how do people here apply certificates to internal websites?
e.g. A unifi controller, so when I visit https://unifi01 I don't get the warning.Do you use external provider like 123reg and buy a SSL cert or do something internal?
Normal old school certs from GoDaddy or Digicert apply easily to these situations, you create a CSR, export it, use that information on the cert providers website, export your cert from them, install it on your internal host - done.
This isn't so easy to do with Let's Encrypt. This is because LE needs to check your ownership of a website by having direct access to that website.
That said, assuming you do have a website, you can have LE include a SAN, which is your internal servername, export the cert from the externally facing site, after LE installs the cert, then import that cert to your internal server. Then manually do that process whenever the cert is updated on the external server.
LE does not require connectivity to your server. You can also use DNS authentication. Have been able to do it since late last year I do believe.
Oh nice. So you just run the LE script on the internal host (assuming it's allowed out to the internet) then update the DNS when told, then continue the script and get the cert? awesome!.
Question - do you have to update the DNS record each time you renew (to ensure you still own the domain?)