LetsEncrypt Windows

LetsEncrypt provide Free SSL with 90 day validity. You need to renew it every 90 days, there are software to do this. For windows some of the popular software are.

win-acme

This is a small exe file, it have command line interface (No GUI). You need to run this program ad Administrator (Run as Administrator), then only it will setup Scheduled Tasks needed for auto SSL renew.

It support auto SSL install on IIS and have option for custom SSL install.

https://www.win-acme.com/

CertifyATheWeb

This is a GUI program.

https://certifytheweb.com

Delete SSL Certificate in IIS

To delete SSL certficate in IIS,

1) Start Internet Information Service (IIS) Manager
2) Click on Server Name (server hostname)
3) On right side, click on Server Certificates button.

On next screen, you will get a list of all SSL certfificates. You can right click on any of the certficate and delete it.

For older version of IIS

1) Open MMC (Start > Run > MMC). Open the Certificates Snap-in.
2) Select Local Computer Account
3) Select Certificates > Personal
4) Find the certficate and delete.

See Internet Information Server (IIS)

Enable SSL in Haproxy Docker Container

I have a haproxy container running on port 80. This container is started with command

This haproxy used following configuration file /home/ubuntu/haproxy/haproxy.cfg

To make this haproxy work with SSL, first create a ssl.pem file with your SSL certificate contents in following order

copy and paste all those certs into ssl.pem file inside /home/ubuntu/haproxy/ssl.pem

Now modify your /home/ubuntu/haproxy/haproxy.cfg file as follows

Now we need to stop current docker container as it only allow port 80 to be shared.

Lets create a new haproxy container with port 443 forwaded.

See Haproxy

Auto Start Nginx on Windows

To auto start Nginx on Windows, download

http://nssm.cc/download

Extract the file, you will find “nssm.exe” file for 32 and 64 bit windows. Copy the file for your Windows version to a folder like

C:\utils\nssm.exe

Start a command promt as user Administrator, then to go the folder where nssm.exe is, then run

In the GUI select the nginx.exe path, click install service.

Now in Service Manager, you will see new service Nginx, that is set to autostart by default.

You can right click service name and select start.

See Windows Nginx

Systemd Journal

Systemd have its own loggin system called Systemd Journal. It keep track of logs for each service.

To see log for a service, run

Example

systemd service file

Start an application using systemd

systemd is used to start applications on linux systems.

In this post, we will create an application and run start it on boot using systemd.

Lets create our sample application.

Add following content to the file and save.

You can start the application by running

on terminal, this will run a simple web server on port 80. If you already have a web server running on port 80, change the port to another.

To stop web server, type CTRL+C.

Create Systemd service file

To manage this application using systemd, we need to create a service file.

Add

systemd service file

Managing Systemd service

First you need to enable the service with

To start the service, run

To stop the service, run

To see status of the service, run

Application Performance Monitor (APM)

Application Performance Monitor (APM) is used to monitor application performance. This help you identify problems with your application. If you are developing an application, this is very helpful as you can see changes in application performance during a software upgrade, this allow you to identify perofrmance issues related to changes in your application.

Here are some useful sites that provide Application Performance Monitoring solutions.

https://blackfire.io

https://newrelic.com/

serverpilot

serverpilot is a SAAS hosting control panel for web servers.

It use nginx as proxy with apache web server as backend. Services used by serverpilot are

Config file locations

Web site specific configuratoons stored in vhosts.d folder inside apache/nginx config folders.

Apache installed at

Plesk Nginx

How to enable gzip on Plesk Nginx

To enable gzip on Plesk server with Nginx proxy, go to

Click on the domain for which you need gzip compression enbaled.

Plesk Nginx

click on “Apache & nginx Settings”. On next page, scroll down, add following to “Additional nginx directives” text box.

Plesk Additional nginx directives

To verify gzip is working, you can open a file directly in browser. Check response headers in browser develoer tool, you should see gzip.

verify gzip in chrome developer tools

See Plesk