Web services

Revision as of 12:10, 19 May 2016 by Mhan (talk | contribs) (add php area and downgrading php 7 to php 5.6)

PHP

Downgrading PHP 7 to PHP 5.6

  • Last tested on Ubuntu 14.04.4 LTS (trusty) | easy | less than ten minutes

This should be also applicable for Ubuntu 16.04 (xenial) since it has PHP 7.0 as the default. I had temporarily upgraded to PHP 7.0 to check compatibility of one of our applications and Crypt_RSA package turned out to be the sore spot. So we had to revert back.

This may only apply for Ubuntu 14.04.4 or other versions less than 16.04. This is to add Ondřej Surý's PPA repository for PHP. Of course, if you have 14.04 and already have PHP 7.0, you probably have done this. If you don't have add-apt-repository, then please add it by adding a package called python-software-properties.

$ sudo apt-get install python-software-properties

Add repository for PHP

$ sudo add-apt-repository -y ppa:ondrej/php

Update package lists:

$ sudo apt-get update

Install PHP 5.6. You may also add other extensions you may need for your app (e.g. php5.6-mbstring, php5.6-xml, etc.)

$ sudo apt-get install php5.6

Switch the default PHP to PHP 5.6.

$ sudo update-alternatives --config php

Reference: Downgrade PHP 7 to PHP 5.6

SSL/TLS

Generate a CSR

  • Last tested on Ubuntu 14.04.2 LTS (trusty) | easy | less than five minutes

This will generate a 2048-bit key (secure & insecure) and CSR for usage on a website. CSR is short for Certificate Signing Request and is usually requested by CA (Certificate Authority) when trying to obtain a SSL/TLS certificate.

1. Create a secure key for CSR

$ openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
.....................+++
....................+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:

2. Create an insecure key for CSR sourcing from the secure one

$ openssl rsa -in server.key -out server.key.insecure
Enter pass phrase for server.key:
writing RSA key

3. Rename the keys

$ mv server.key server.key.secure
$ mv server.key.insecure server.key

4. Create the CSR

$ openssl req -new -key server.key -out server.csr