! I've got it! I'm going to make a Cisco+ certification! I'll be richer than Tron from Chapelle.

@scottalanmiller Yeah. Seeing such a thing in a job posting makes me wonder if either there's a step to go through which includes a non-techincal HR screen, or the company doesn't have anyone really prepared to screen an IT applicant.

@scottalanmiller said in Home Projects for My Server:

@EddieJennings said in Home Projects for My Server:

Just got an E-mail from a recruiter. I always chuckle when I see Cisco listed as a "skill."

I like to think that "not giving in to Cisco advertising" is a skill.

And I now realize I put this in the wrong thread. /sigh

Just got an E-mail from a recruiter. I always chuckle when I see Cisco listed as a "skill."

Reading about virtual hosts in Apache.

First VM running on my lab server :D. Tomorrow begins configuration -- project 1: DNS

About to relive the "joy" of trying to get a management tool (in this case Hyper-V manager) to connect to my lab hyper-v server with neither the client or server being domain joined.

@JaredBusch said in OpenSSL CSR with Subject Alternative Name:

@EddieJennings said in OpenSSL CSR with Subject Alternative Name:

@JaredBusch Correct. The "ye olde way" is how I've typically made a CSR and private key. The link I included talks about making a configuration file, which allows you to include SAN in your CSR.

Ah, did not read the link. Yes, using a config file is the only method to get any SAN on a cert with OpenSSL.

And after re-reading my post, I realized how terrible it was :(. I was hoping to find a one liner kind of thing, but alas. That particular article made it clear how to do it.

Doing some guild for on Project 1999, then food, then back to lab hyper-v server.

@JaredBusch Correct. The "ye olde way" is how I've typically made a CSR and private key. The link I included talks about making a configuration file, which allows you to include SAN in your CSR.

As much as I enjoy teaching percussion kid, his arm injury allows me to go home early

https://geekflare.com/san-ssl-certificate/

This worked beautifully for me. Chrome 58 gripes about a SAN not being present, and ye ole way I'd use to generate a csr didn't prompt you for any kind of SAN. Granted this won't prompt you, rather you'll simply configure what you want.

Ye ole way (doesn't produce any kind of SAN) = openssl req -new newcsr.req -newkey rsa:2048 -nodes -keyout newkey.key

I'm sure there are different ways (and likely better) to achieve this, but the above link worked for me.

Edited for clarity.

@NerdyDad said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

@Tim_G said in What Are You Doing Right Now:

But again, as NerdyDad pointed out... how many places now a days have someone just standing at a bench fixing PCs all day?

It's either scrap it if it doesn't work, or reimage it... LOL

SAM's Revised One Question A+

Question: A customer comes to you with a laptop, they say that things are not working and they need it fixed.

Do you:

A ) Run a diagnostic script on it to determine what is wrong?
B ) Interrogate the user to figure out what "it is not working" means?
C ) Sacrifice a goat to the bench gods for guidance?
D ) Rapidly re-image the machine to ensure that it is clear, working and malware free?

The tech side says A) to get to the problem or possibly recover data before going to D). If D fails, I would go to C.

E) Chastise customer for not purchasing an extended warranty.

@scottalanmiller I am. I probably ought to have played with more, but this seems to fit our needs.

Making the VM that will become our IT dept's "production" documentation wiki

Wading my way through the dark while trying to configure Hyper-V 2016 on my lab server.

For my fellow music majors and anyone else who would enjoy it.
Youtube Video

@coliver I'm not sure whether it would work or not. Our internal domain is a subdomain of the domain we own. Since it's domain validated, I'd have to put something (likely a TXT record) in our public DNS, as it wouldn't make sense to have an A record for a host no one can reach. The other part would be installing and (probably) configuring certbot to get the job done.

@scottalanmiller @coliver Yeah, it'll be a wiki for IT documentation (and eventually other departments). It bothers me to give up on a task, but this seems to be eating more time than what seems acceptable for the scope of the project.

Option 1: Keep trying to get my CSR (made using openssl) for my Dokuwiki test to have a subject alternative name, so Chrome will stop griping.
Option 2: Cease option 1, and figure out how to use Lets Encrypt to generate a cert for a non-public facing website.
Option 3: Forget about having my little Dokuwiki use SSL (since my original problem of AD credentials in the clear was solved by adding my private CA's root certificate to the Dokuwiki server's certificate store)