Secure a MAMP Pro hosted website for 8 bucks using NameCheap

Posted on July 11, 2018 by john

Secure is the new un-secure when it comes to the amount of website that transitioned from un-secure pages to fully secured sites. Google is even indexing and rating search results based on secure pages. I still remember the good old days when even Facebook was an un-secure page.

Let’s get started –

Step 1
Buy the SSL certificate on NameCheap’s website. I went with the cheapest option.

Step 2. Confirm domain ownership using the Domain Control Validation. I had a hard time with HTML option and found creating an email alias worked better.

Step 3. Create a Certificate Signing Request (CSR) using Mac Os KeyChain.

Open Keychain access

Step 4. Open the save CSR in text edit or another text editor and copy the contents of the CSR into your clipboard. It will look like this –

Step 5. Login and paste the CSR into the NameCheap console in the verified domain. The domain name should validate. You should get two options, select any other server.

Step 6. After a few moments of processing, you will now you will get an email and be able to download your signed certificate folder. It will contain three files (.ca-bundle, .crt and .p7b). I suggest adding your previously exported private key to this folder.

Step 7. Now the fun part… We need to get everything in the correct format for our MAMP installation. We will start by exporting and converting our private key to a format that does not contain a password.

Open up KeyChain access and look for your newly generated private key.

It will ask you to set a password when you export the file.

Now we need to convert the file –

openssl pkcs12 -in PATH-of-p12-private-key-export-file -out path-to-export.pem -nodes -nocerts
Enter your export password and then enter it again to set it for the export.

Now remove the password completely
openssl rsa -in PATH-of-pem-private-key-export-file -out path-to-export.key
Save the .key file in your SSL folder with the downloaded certificates.
Step 8. Open the .ca-bundle file and you will see three certificates. Remove the last certificate. This is just an additional anchor cert that will ding your SSL score.

Step 9. rename the .ca-bundle file to namecheapchain.pem

Step 10. Securely upload the certs to your server in a location that can hold your certs.

Step 11. Open up MAMP and associate your new certs!

MAMP PRO SSL Settings

Certificate file is the one ending in .crt downloaded directly from NameCheap.
Is the exported and converted private key ending in .key.
This will be the certificate chain file ending in .pem

I also checked https connections must use TLS protocols

Then restart Apache and give it a test.

You can also run a detailed test like this one –

Twilio Cisco ASA IP Address Whitelist

Posted on January 29, 2018 by john

Tired of entering the twilio networks by hand? Below is the Cisco ASA preformated version of twilios page:
https://www.twilio.com/docs/api/sip-trunking/getting-started

Network Objects

object network Twilio-Signal-North-America-Virginia subnet 54.172.60.0 255.255.255.252 object network Twilio-Media-North-America-Virginia1 subnet 54.172.60.0 255.255.254.0 object network Twilio-Media-North-America-Virginia2 subnet 34.203.250.0 255.255.254.0 object network Twilio-Signal-North-America-Oregon subnet 54.244.51.0 255.255.255.252 object network Twilio-Media-North-America-Oregon subnet 54.244.51.0 255.255.255.0 object network Twilio-Media-Europe-Ireland subnet 54.171.127.192 255.255.255.192 object network Twilio-Signal-Europe-Ireland subnet 54.171.127.192 255.255.255.252 object network Twilio-Signal-Europe-Frankfurt subnet 35.156.191.128 255.255.255.252 object network Twilio-Media-Europe-Frankfurt subnet 35.156.191.128 255.255.255.128 object network Twilio-Signal-Asia-Pacific-Tokyo subnet 54.65.63.192 255.255.255.252 object network Twilio-Media-Asia-Pacific-Tokyo subnet 54.65.63.192 255.255.255.192 object network Twilio-Signal-Asia-Pacific-Singapore subnet 54.169.127.128 255.255.255.252 object network Twilio-Media-Asia-Pacific-Singapore subnet 54.169.127.128 255.255.255.192 object network Twilio-Signal-Asia-Pacific-Sydney subnet 54.252.254.64 255.255.255.252 object network Twilio-Media-Asia-Pacific-Sydney subnet 54.252.254.64 255.255.255.192 object network Twilio-Signal-South-America-Sao-Paulo subnet 177.71.206.192 255.255.255.252 object network Twilio-Media-South-America-Sao-Paulo subnet 177.71.206.192 255.255.255.192

Network Groups:

object-group network Twilio-SignallingIPs network-object object Twilio-Signal-North-America-Virginia network-object object Twilio-Signal-North-America-Oregon network-object object Twilio-Signal-Europe-Ireland network-object object Twilio-Signal-Asia-Pacific-Singapore network-object object Twilio-Signal-Asia-Pacific-Sydney network-object object Twilio-Signal-Asia-Pacific-Tokyo network-object object Twilio-Signal-Europe-Frankfurt network-object object Twilio-Signal-South-America-Sao-Paulo object-group network Twilio-MediaIPs network-object object Twilio-Media-North-America-Oregon network-object object Twilio-Media-North-America-Virginia1 network-object object Twilio-Media-North-America-Virginia2 network-object object Twilio-Media-Europe-Ireland network-object object Twilio-Media-Asia-Pacific-Singapore network-object object Twilio-Media-Asia-Pacific-Sydney network-object object Twilio-Media-Asia-Pacific-Tokyo network-object object Twilio-Media-Europe-Frankfurt network-object object Twilio-Media-South-America-Sao-Paulo

Single Mode or OM4 Fiber?

Posted on October 4, 2015 by john

We have all been working to replace the old 62.5 fiber cable(OM1) to achieve speeds 1GPBS+. The debate is now why not just use single mode for all short distance fiber runs? The cable itself is much cheaper than 0M4. The LC connectors cost slightly more and the optics can be more expensive. There is no minimum distance for Cisco SFP-10G-LR-S so it works good with 1 meter connections or 10KM connections. Single Mode fiber will support 100gbps currently whereas OM4 will only do 10gbps 1540ft.

Informacast Review

Posted on October 4, 2015 by john

What do you like best?

I tell people “You can do anything with informacast”. The software package they provide literally has everything you could think when it comes mass campus communication. I have never seen such a scalable product with so many awesome features. The interface is very simple yet powerful. I feel better knowing our administration can instantly put our campuses in emergency mode with 2 seconds phone call and a canned message.

What do you dislike?

I wish you could limit staff to certain ring lists and not give them full control of all campuses.

What business problems are you solving? What benefits have you realized?

We have many analog bell systems that are showing their age. Moving to IP will let us compartmentalize our system and just replace speakers. We are had great success with our Cisco IP phone system implementation and informacast can do the same for our many bell systems.

For which purposes do you use InformaCast?

Emergency Notification

X2 to SFP+ Converters

Posted on November 13, 2012 by john

SFP or X2?

I just recently started using cisco X2 ports. Generally cisco uses standard SFP or SFP+ ports across their cisco product lines. I believe Cisco started the 10Gig adoption with the X2 ports before the development of SFP+. Cisco has all but removed the X2 from their product lines but many X2 3560e switches are going to be around for awhile. This being said if you want go 10Gig, I highly suggest pruchasing Cisco CVR-X2-SFP10G with the standard SFP+. This solutions gives you the flexibility to use those SFP+ on the next generation switches. Make sure you check the Compatibility Matrix and IOS version as you mostly likely need an IOS update.

Cisco CVR-X2-SFP10G

Hello and welcome to my IT Blog!

Posted on March 8, 2012 by john

This website allows me to document all projects I work on in the I.T. field. Please check it out you might learn something.

John

John A Keating

IT Infrastructure Blog

Author Archives: john