Author Archives: kosmas

SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Posted on by
Reply

Problem

Trying to configure and use an nginx server that uses intermediate certifcates, you get the error about values mismatch and nginx does not start

2020/09/23 09:49:38 [emerg] 20958#20958: SSL_CTX_use_PrivateKey("/etc/ssl/private/cakey.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

Solution

It seems that this is a common mistake and it is mentioned here: https://nginx.org/en/docs/http/configuring_https_servers.html. In order to fix this you will need to change/reverse the original order that you have concatenated the chain, as in:

cat certs/cacert.pem intermediate/certs/intermediate.cacert.pem > intermediate/certs/ca-chain-bundle.cert_new.pem

Decode access secret key from Terraform IAM user creation

Posted on by
Reply

Problem

You want to use the pgp encryption when using Terraform to create an AWS IAM user, and you have the secret access token returned as an output but encoded.

Solution

Use the following to get the actual secret key decoded (after copying your encoded key to a file encrypted_key.txt:

$ cat encrypted_key.txt | base64 --decode | gpg -d

Terraform Cloud – ‘operations’ attribute is deprecate, and cannot be used in conjuction with ‘execution’. Use the latter only

Posted on by
Reply

Problem

You are trying to add a new workspace in your organization in Terraform Cloud, using the same connected VCS (Gitlab) as the one you already have setup, but you get the above error when trying to add it in Firefox (Linux – Ubuntu – 79).

Solution

Use Chromi(um) to create the workspace as it works there. You can then use it in Firefox as normal.

Error initializing storage of type raft: failed to create fsm: failed to open bolt file: open /home/vault/data/vault.db: permission denied

Posted on by
Reply

Problem

Trying to start the vault server following the guides that specify creating the data directory in /home/vault/data results in the above error and service cannot be started.

Solution

According to the guide here: https://learn.hashicorp.com/tutorials/vault/raft-deployment-guide?in=vault/day-one-raft, changing the data directory to /opt/raft and the hcl file to reflect that the server can be started without any errors.

Failed to initialize build ‘qemu’: post-processor type not found: exoscale-import

Posted on by
Reply

Problem

Trying to follow along the example in the Exoscale article about creating custom templates, you get the error about exoscale-import not found, when you are trying to validate the packer template.

Solution

Make sure that you use a current packer installation as the exoscale-import was not supported in the older versions.

kosmas:terraform (add_vault *%)$ packer --version
1.0.4

So after installing the latest version the above error goes away

kosmas:terraform (add_vault *%)$ packer --version
1.6.1

qemu: Error launching VM: Qemu failed to start. Please run with PACKER_LOG=1 to get more info.

Posted on by
Reply

Problem

You are trying to build a QEMU image with Packer, but you are getting the error suggesting to use the PACKER_LOG=1 option. But there is no indication where to place it in the command line.

Solution

Put it at the begging of the command line as folows:

kosmas:terraform (add_vault *%)$ PACKER_LOG=1 packer build vault_orchestration/template.json

Raspberry, Ubuntu and Megatools

Posted on by
Reply

To install megtools (command line utilities for Mega.nz), in your raspberry with ubuntu installed follow the steps below (thanks to the instructions from here: https://www.instructables.com/id/Descarga-archivos-de-Mega-con-Raspberry-Pi/)

  • Install the necessary packages
sudo apt-get -y install build-essential libglib2.0-dev libssl-dev libcurl4-openssl-dev libgirepository1.0-dev

You may also need to add some additional packages if there is an error about the documentation.

  • Get the latest source code from https://megatools.megous.com
wget https://megatools.megous.com/builds/megatools-1.10.3.tar.gz
  • Compile and install them
tar xvfz megatools-1.10.3.tar.gz
cd megatools-1.10.3
./configure
make
sudo make install
sudo ldconfig
  • Add your Mega account credentials in ~/.megarc like:
[Login]
Username = my_mega@email
Password = mypassword
  • use the mega tools commands (megacopy, megals, megaget etc.