If you follow these steps you can create a self signed certificate with the following specifications:
- Wildcard certificate
- SHA256 hash
- 10 years
- 2048 bits public key
- Client and server verification
- Sha1 fingerprint
Be aware that self-signed certificates can manipulate by a man-in-the-middle. You should not use this in critical production environments.
Please use windows 10 powershell in admin mode. Otherwise you will get errors
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname *.domain.local -NotBefore $([datetime]::now.AddDays(-15)) -NotAfter $([datetime]::now.AddDays(3560))
Now export the certificates. Before you copy/paste change the thumbprint with the thumbprint you get from the above command.
$CertPassword = ConvertTo-SecureString -String "YourPassword" -Force –AsPlainText
Export-PfxCertificate -Cert cert:\LocalMachine\My\C6B46CEB7D3A40DB08E78B19FEDD3A24EA7A7919 -FilePath C:\test.pfx -Password $CertPassword
Export-Certificate -Cert Cert:\LocalMachine\My\C6B46CEB7D3A40DB08E78B19FEDD3A24EA7A7919 -FilePath C:\tstcert.cer
Now you can import the PFX with IIS and bind the certificate in IIS.
And import the *.CER in your MMC > Certificates > Computer account > trusted root Certification authority > Certificates
Have fun with your certificate the next 10 years 😀
I know for sure you have a track in your spotify playlist and you want more like that kind of music. There is a way to find all the public spotify playlists based on fans like yourself. Spotify unfortunately don’t have a solution, ut with a smart google search you find what you need 😀
The google search you can try is:
site:spotify.com “track artist” playlist
site:spotify.com “do it rootkit” playlist
Today our domain controller had a very bad day and had a bootloop after a reboot. I used recording software to capture the blue screen error: STOP: c00002e2 Directory Services could not start
Then we found a nice article to fix this issue. We had a second working domain controller so if you have the same setup you can use this how to, to fix this problem also. All the credits go to dbutch1976
- Restart the server and press F8 key, select Directory Services restore mode.
- Log in with the local administrator username and password (hope you remember what you set it to!).
- Type cd \windows\system32
- type NTDSUTIL
- type activate instance NTDS
- type files
- If you encounter an error stating that the Jet engine could not be initialized exit out of ntdsutil.
- type cd\
- type md backupad
- type cd \windows\ntds
- type copy ntds.dit c:\backupad
- type cd \windows\system32
- type esentutl /g c:\windows\ntds\ntds.dit
- This will perform an integrity check, (the results indicate that the jet database is corrupt)
- Type esentutl /p c:\windows\ntds\ntds.dit
- Agree with the prompt
- type cd \windows\ntds
- type move *.log c:\backupad (or just delete the log files)
This should complete the repair. To verify that the repair has worked successfully:
- type cd \windows\system32
- type ntdsutil
- type activate instance ntds
- type files (you should no longer get an error when you do this)
- type info (file info should now appear correctly)
You have bought een new system and the first thing what you want to do is check the disk performance (ehhh that’s always the first thing I want to know 😛 )
There is one tool I always use: ATTO Disk Benchmark
This is a very nice tool to quickly see how fast your troughput is of your new system.
But sometimes you want to check your IOPS. Then you can use another nice microsoft commandline benchmark tool DiskSpd
You can use this parameter to benchmark:
diskspd -b8K -d30 -o4 -t8 -h -r -w25 -L -Z1G -c20G testfile.dat
This example command line will run a 30 second random I/O test using a 20GB test file located on the T: drive, with a 25% write and 75% read ratio, with an 8K block size. It will use eight worker threads, each with four outstanding I/Os and a write entropy value seed of 1GB. It will save the results of the test to a text file called DiskSpeedResults.txt. This is a pretty good set of parameters for a SQL Server OLTP workload.
If you get errors like:
Results for timespan 1:
The test was interrupted before the measurements began. No results are displayed.
Error generating I/O requests
Or file creation errors like “Error opening file: testfile.dat” please try to replace the minus “-” characters with your keyboard. Sometimes your browser copy the wrong character.
Happy benchmarking 😀
Download Log Parser 2.2 from the microsoft site. After the installation google is your friend
Hits on a particular page by IP address
LogParser -i:IISW3C "SELECT c-ip, COUNT(*) As Hits FROM C:\WINDOWS\system32\LogFiles\temp\*.log WHERE EXTRACT_FILENAME(cs-uri-stem) = 'default.aspx' AND sc-status = '200' GROUP BY c-ip Order by Hits DESC" -o:DataGrid
Another great way to analyse log files is the tool: Log Parser Studio. With this tool you can easy query loggings with a GUI:
copy C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe to %systemroot%\System32
copy C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui to %systemroot%\System32\en-Us
Run cmd > cleanmgr and remove all the nasty update files!
After I cleaned up the server I had to stop the windows installer service (trustedinstaller.exe) to remove the c:\windows\logs\cbs\CBS.log (6GB file) manually. Maybe a restart of the server do the same but I cannot test it on a production environment.
Export the Private Key:
# openssl pkcs12 -in filename.pfx -nocerts -out key.pem
Remove the password from the SSL certificate (unencrypted is needed for plesk):
# openssl rsa -in key.pem -out server.key
Export the certificate:
# openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem
Now upload the certificate:
And bind the certificate in your hosting settings:
I’ve created a batch file which find out what was hanging my .NET application.
time /t >>crappy_site_log.txt
%windir%\system32\inetsrv\appcmd list requests /elapsed:5000 >>crappy_site_log.txt
ping -n 4 127.0.0.1
This command logs every request above the 5 seconds.
This idea came from: https://www.leansentry.com/Guide/IIS-AspNet-Hangs
On my windows 2008 r2 server, Windows update was running forever 🙁
I tried a lot of things but fixing the problem was really simple:
- Go to https://support.microsoft.com/en-us/kb/971058
- Download the fixit
- Run the fixit and follow the wizard
Then your problem will be fixed automatically 🙂
Still problems? Try this post: http://superuser.com/questions/951960/windows-7-sp1-windows-update-stuck-checking-for-updates
Note: If you have a WSUS server and you still have problems to find windows updates you can try to temporary disable the WSUS client to change the registry key UseWUServer to dword:00000000
There is a nice cross-platform open source tool to find out what the best DNS server is for your internet connection.
- Go to https://code.google.com/p/namebench/downloads/list
- Download the namebench tool
- Extract and start the tool
- Click on “Start Benchmark
This benchmark takes some time. About +/- 15 minutes. Then you get the results in your browser:
201% faster name query performance!!! WOW!
When everything is setup you can check your DNS settings with a nice website: https://www.dnsleaktest.com/
To find the best DNS server for you start the tool at different times during the day.
Happy resolving 🙂