Wednesday, March 8, 2017

AWS

EC2:
Login:
1. Copy your .pem file to ~/.ssh.
2. Change permissions to chmod 500 <your_file>.pem
3. Login to your server.

ssh -i /full-path-to/.pem ec2-user@PUBLIC_DNS


INSTALL PHP:
sudo yum install php56

Free Memory Check:
free -m (in MB)

Hard disk capacity Check:
df -h (Human Readable)

GIT Resets


GIT REST HELP
  • Soft
    • git reset --soft <commit id>
  • Mixed
    • git reset --mixed <commit id>
  • Hard
    • git reset --hard <commit id>

Check git log status:
git log --oneline

Soft:
git reset --soft <commit id>

Result:
Brings the files changed after this commit id into staging index. 
i.e, as if those changed files were added using git add command.

Mixed:
git reset --mixed <commit id>

Result:
Brings the files changed after this commit id into Working Directory. 
i.e, as if those changed files were changed but not gone through git add yet.

Hard:
git reset --hard <commit id>

This is the most dangerous command as it is going to completely wipe out our working directory and staging index. Any files you were tinkering with will be gone.

Result:
Brings the files changed after this commit id into staging index. 
i.e, as if those changed files were added using git add command.


git reset --hard HEAD
This will bring your code base to the commit where HEAD is pointing to.
Basically this will wipe out any changes in Working Directory and Staging Index.


TODO:
Pushing reset commit to remote?

Friday, January 20, 2017

Set Mule ESB to use TLS v1.2

Mulesoft Anypoint Studio was giving me trouble for a long time to connect to an external HTTP server that supports only TLSv1.2.

Below options did not work for me:
-Dhttps.protocols=TLSv1.2
-Djdk.tls.client.protocols=TLSv1.2

Solution:
I had to create a tls-default.conf file directly under src/main/resources (classpath root folder) and set

enabledProtocols=TLSv1.2


Full Configuration:
# This file allows to restrict SSL behavior in Mule. If the file doesn't exist or a property is not defined,
# default values of the current security provider will be used.


# Cipher suites that will be enabled in SSL. If this property is set, SSL sockets will
# only use cipher suites that are provided in this list and supported by the current security provider.
#enabledCipherSuites=TLS_KRB5_WITH_3DES_EDE_CBC_MD5,        \
#                    SSL_DH_anon_WITH_DES_CBC_SHA,          \
#                    TLS_DH_anon_WITH_AES_128_CBC_SHA,      \
#                    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,      \
#                    SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, \
#                    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,     \
#                    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,      \
#                    TLS_KRB5_WITH_3DES_EDE_CBC_SHA,        \
#                    TLS_KRB5_WITH_DES_CBC_MD5,             \
#                    TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5,   \
#                    SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, \
#                    SSL_DHE_DSS_WITH_DES_CBC_SHA,          \
#                    TLS_KRB5_WITH_DES_CBC_SHA,             \
#                    SSL_RSA_WITH_NULL_MD5,                 \
#                    TLS_DHE_DSS_WITH_AES_256_CBC_SHA,      \
#                    SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,     \
#                    TLS_RSA_WITH_AES_128_CBC_SHA,          \
#                    SSL_DHE_RSA_WITH_DES_CBC_SHA,          \
#                    TLS_DH_anon_WITH_AES_256_CBC_SHA,      \
#                    TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA,   \
#                    SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA, \
#                    SSL_RSA_WITH_NULL_SHA,                 \
#                    TLS_RSA_WITH_AES_256_CBC_SHA,          \
#                    SSL_RSA_WITH_DES_CBC_SHA,              \
#                    TLS_EMPTY_RENEGOTIATION_INFO_SCSV,     \
#                    SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,     \
#                    TLS_DHE_DSS_WITH_AES_128_CBC_SHA,      \
#                    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,     \
#                    SSL_RSA_WITH_3DES_EDE_CBC_SHA


# Protocols that will be enabled in SSL. If this property is set, SSL sockets will only use protocols
# that are provided in this list and supported by the current security provider.
#enabledProtocols=TLSv1,TLSv1.1,TLSv1.2
enabledProtocols=TLSv1.2