personal updates on web environments, ssl, ips, and new box

Posted on by michael

Looks like my flurry of posts early this week were just pre-empting my lack of posts through hump day. Things at work have heated up a bit, especially with me learning some new things. In particular today, I am working with Wise MSI packages for our web server deployments in addition to new SSL management now that we have a hardware load-balancer which is performing SSL termination for us. I”m utilizing tools in OpenSSL to not only convert existing IIS exported keys into readable formats but also to generate new keys via scripting.

We’re also working on a new development environment: 1 of 13. Yes, 13. Don’t ask, I think it’s the wrong way to go and half of them won’t get used or updated enough. It’ll turn into our nightmare before someone gets wise and trims that back down to something simpler like “dev-staging-prod” plus a few others. Thankfully, all of the servers will be virtual.

Also into this week I’ve been re-turning our IPS. Our IPS management server took a final dump on Friday and wasn’t about to come back on. Thankfully we do backups of the full MySQL database so I recreated the server as a virtual box, reinstalled the product manager, got it talking to the appliance IPS itself, and then restored everything from backups. Talk about slick! I only had to do minor tweaks and retuning on things not covered in the backup. Not bad, and it is nice to be able to properly validate our backup/restore procedures. Backups always bother me in the back of my head until we can actually do them once and verify things work as needed. In addition, since this box was put together before I came on board, it was also nice to see we had documentation on the build and settings (thank you Accuvant!).

Lastly, parts for my new vmware box are arriving. The case arrived yesterday and the rest should be in today when I get home. These will be married to a few extra core parts I already had on hand to be turned into a dedicated Ubuntu VMWare Server box that will run a variety of “always on” machines. (In contrast to my gaming rig which only doubles as a VMWare box now and then for throw-away VMs or testing.) This should keep me busy until the weekend as I make sure I don’t have to RMA anything. I’ll post pics and notes later on about this box.