Thursday, March 11, 2021

When / What to use ( RDBMS vs NoSQL )

In Relational Database Management System, data can be arrange in a meaningful way called relations. These relations can be joined in a meaningful way where we can understand the entire data scope including what kind of information can be processed from these data. Data sources will be vary from system to system. Storing data in RDBMS will require some processing time as we require to identify which relations need to be focused on given data. In NoSQL databases, there are no relationships will be maintained. Complex objects, key value pairs can be stored as it is and no initial processing time will be required as it happens in RDBMS. In RDBMS systems, processed data will be stored including enforced data integrity between relations. In RDBMS, meaningful information can be retrieved very quickly. NoSQL will not support to extract meaningful information very quickly. In terms of performance, NoSQL perform well in simple I/O operations while RDB performs well in complex relational queries. When to use and what to use depends on the scenario and the client

Saturday, March 6, 2021

Request a certificate to your website ( Certificate Signing Request / CSR )


    CSR ( Certificate Signing Request ) is the first step towards obtaining SSL certificate to your web site.
    Once you created your CSR, then you have to keep your private key securely in your side.
    Then order the SSL certificate by submitting your CSR file to the preferred Certificate Authority.
    Certificate Authority will process your request and release SSL certificate accordingly. 

    Step 1. Login to the server terminal and run bellow command, Replace mysitename with your site name
    openssl req -new -newkey rsa:2048 -nodes -keyout <mysitename>.key -out <mysitename>.csr

    Enter relevant information for below queries

    Country Name (2 letter code) [XX]:
    State or Province Name (full name) []:
    Locality Name (eg, city) [Default City]:
    Organization Name (eg, company) [Default Company Ltd]:
    Organizational Unit Name (eg, section) []:
    Common Name (eg, your name or your server's hostname) []:
    Email Address []:
    Please enter the following 'extra' attributes
    to be sent with your certificate request
   A challenge password []:
   An optional company name []:

   Note : Domain can be a single domain ( ), wildcard domains ( *,                  multiple domain ( ).  
              Cost of generating certificates may be changed according to domain name you provided.

    It will generate two files.

    Certificate signing request file :    <mysitename>.csr 
    Your private key file : <mysitename>.key ( Do not share private key file with any party )

    Step 2 : Validate the generated <mysitename>.csr  file via online 


   Step 3 : Submit the CSR to the selected Certificate Authority

   Examples : DigiCert SSL.
                     Symantec SSL.
                     GeoTrust SSL.
                     Thawte SSL.

    Step 4 : Login to the Certificate Authority's portal and browse your order number. Download the certificate
    Step 5 : Install your certificate in to the keystore file. Replace <mysitename> with your domain name

    keytool -import -alias <mysitename> -file <certificate file name> -keystore <mysitename>.jks

    Step 6: Configure the Keystore file in your server. 

    For tomcat : Updated connector block <Path to tomcat server>/conf/server.xml

    <Connector port="443" maxHttpHeaderSize="8192" maxThreads="100"
           minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           SSLEnabled="true" clientAuth="false"
           sslProtocol="TLS" keyAlias="server"
           keystoreFile="<path to keystore file>.jks"
           keystorePass="<keystore password>" />

   For Apache : Update VirtualHost block in <path to apache server>/sites-available/<mysitename>.conf

   <VirtualHost <my site ip>:443>
    DocumentRoot /var/www/html2
        SSLEngine on
        SSLCertificateFile <path to certificate>.crt
        SSLCertificateKeyFile <path to private key>.key
        SSLCertificateChainFile <path to certificate chain>.crt

 Step 7 : Restart your server

 Step 8 : Make sure public internet routing configured to your server via security layer

            Note : If you route your traffic via load balancer, you have to install certificate to your load balancer.

 Step 9 : Browse your web site using HTTPS protocol. 

 Step 10 : Troubleshoot any issues using server access logs