Wednesday, November 21, 2018

Let it go..

It has been lonely and it ain't that bad..
It made me appreciate my own family more..
It made me appreciate myself more..

All the pain I endured, might made me icy cold..
But knowing that you didn't let go..
Made it warmer..

It's okay.. I'm okay..
I can get through this even if it's just me..
People come and go so easily..
It's a pain but they won't know..
So I'm now an expert at ignorance..
It really saved my little heart..

Ignore.. Don't think.. Let go..



Friday, January 5, 2018

Can't Login as Root? (Centos 5)

Please take note that this steps were done in full caution, and with responsibility for anything terrible that could happen..

Last month, I was contacted by a client informing me that he/she cannot log in to the server as root for the past 2 weeks. Obviously they contacted me because I was the person responsible for setting up their server back in August. and, as far as I can remember, I never made changes to the server..

I tried logging in with all the passwords that I can remember, but to no avail.. I requested to work via TeamViewer to have a look at the machine.. yes its a virtual machine.. then I restarted the server..

Only then I notice that there was this error -> no user root found!

So I start googling and found this site:
https://wiki.archlinux.org/index.php/reset_root_password#Using_GRUB_to_invoke_bash

I followed most of the steps, but in the end I can't use the command passwd to change the password.. and the root user was not root.. apparently when I checked the passwd file, the line for root was nowhere to be seen.. seems like the passwd file has been modified...

DO THIS AT YOUR OWN COST!

So what I did was, I edited the passwd file on the line that I suspected used to be root - rename it to root again - based on the passwd file on other servers, and save the damn file..

Afterwards, I used the passwd command to change to root password (hey it worked!) and I exited bash.. an error message(?) or a warning(?) came up

Kernel panic - attempted to kill

But I crossed my fingers and reboot the server anyway.. and Alhamdulillah.. everything worked fine!!

NOTES:

If I was going to edit any files, I should have used/mounted a live cd/iso on the vm.. but at that moment, the damage has been done..

after this I'll try to use a live cd..



Tuesday, June 13, 2017

Looking back..

today is the 18th of Ramadan..

actually, I'm here looking for my long lost cookie recipe.. thank God I blogged about it.. but doing so got me rereading my blog posts.. wow, sure is full of rants.. haha!

well, aging makes me toned down on my rantings a bit.. its more like.. I want to be a better person.. I realised that there's no point ranting out here anymore.. the problem will remain until I really face it and do something about it instead of just rants about it.. kan? its better to channel all my feelings to Allah instead, Dia Maha Mendengar.. and when I'm in pain, he will ease it.. after all, Allah knows best.. what we like most may not be good for us, and what we dislike most, could be the most beneficial for us..

so in this holy month of Ramadan, I wish I could be a much much much better person, inside out..

Ameen Ya Rabbal 'Alameen..

Friday, January 6, 2017

Importing From OpenSSL to Keytool

Ignore the fact that this blog has been abandoned for months (or years!)!

I just need somewhere I can note this down without loosing it. Haha~

As it happens, the SSL certificate for the portal I was responsible for has expired on 15/12/2016. Well we did sent the renewal notice to the GPKI team a month earlier, but somehow our notice was lost in transit. Until we did a follow up on the day the certificate dies, we would never know it has been lost...

Before, the task of creating the CSR (Certificate Signing Request) file and what not are done by the vendor, but now with the vendor gone (and almost not replying to any of my messages) I took the liberty to get the job done myself. When the supplier request for a new CSR, since there was a problem with the previous CSR, I used OpenSSL to generate the key and CSR. I was entirely forgotten that Java already has Keytool.

The problem starts when the server domain was no longer accessible (was not sure whether its domain problem, or certificate problem..). Without knowing anything I simply import the certificate into a jks keystore. Simply!!

A Lesson on Keystore

Well.. in order for SSL to work for your browser, your server must have a keystore that keeps the following:

  • Your server certificate 
  • Your intermediate/CA (Certification Authority) certificate (or sometimes referred to as root certificate)
  • Your server public key
Mistake #1

I found out later in server.xml that the SSL connector uses the .jks keystore format (and I had no idea what keystore is even about.. sad..) The thing is... I generated the public key and CSR using OpenSSL when I should just have used Java Keytool. The CA got my certificate ready alright, but when I just simply import the certificate using Keytool I didn't know that the keystore should have the public key too, which, was created using OpenSSL..

Solution

After doing some digging on Google, I came across this solution. With the key that I created using OpenSSL and the certificate I got from the CA, I need to create a PKCS12 keystore first, then convert it into a JKS.

To generate the PKCS12 keystore, use to following command:
openssl pkcs12 -export -name  jks-alias -in servercertificate.crt -inkey server.key -out keystorename.p12
To convert from PKCS12 to JKS, use the following command:
keytool -importkeystore -destkeystore keystorename.jks -srckeystore keystorename.p12 -srcstoretype pkcs12 -alias jks-alias
Yeay! but I missed something, the intermediate certificate.

So I just imported the intermediate certificate to the JKS keystore using the keytool following command:
keytool -import -trustcacerts -alias jks-alias -file CAcertificate.crt
Use this command to verify JKS contents:
keytool -list -v -keystore keystorename.jks

Problem

My server certificate was validated, but my intermediate/CA certificate was not found, eventhough I have imported the intermediate/CA certificate. 

Seems like it just won't work like that.

Solution

I went digging again and this time I came across this solution. The problem in the post was similar. Turns out I need to make a certificate bundle  and generate another PKCS12 keystore.

Making a certificate bundle

Generally I followed the steps from this page. But, basically it is really simple. Using a text editor, copy all the certificates into one textfile in the following order:
  1. Your server certificate
  2. Your Intermediate certificate
  3. Your CA certificate (optional)
I only had 1 and 2. then I saved the file with .pem extension.

Then create another PKCS12 keystore using the same command, but with the .pem file:
openssl pkcs12 -export -name  jks-alias -in certificatebundle.pem -inkey server.key -out keystorename.p12
and use the same keytool command to convert the PKCS12 keystore to JKS keystore.

Finally

I restarted the Tomcat service et voila! My SSL works like a charm :)


Friday, August 28, 2015

Suka, Sayang dan Cinta

bila kita suka orang, tak semestinya kita sayang..
yes suka tu kira macam first stage lah..
tapi suka boleh berubah jadi tak suka...

ada suka yang membawa kepada sayang..
ada suka yang akan end up dengan tak suka..

sayang pulak.. kadang-kadang bermula dari suka..
tapi kadang-kadang ia datang dengan misteri..
tak tahu dari mana, tiba-tiba terbit rasa sayang..
perasaan dia overwhelming and indescribable..
kadang-kadang kita tak kenal pun orang tu..
(ini macam kes saya dengan arwah kuma-chan..
perasaan ini datang bila saya tahu nama sebenar dia..
walaupun pernah bersua, tapi saya tak ada rasa suka..
biasa je.. lebih kepada hormat sebab dia abang kawan baik saya..
nama sebenar dia pun saya tak amik tahu sampai kawan saya sendiri yang bagitahu.. haha!)

cuma bezanya sayang, walaupun ada perkara yang kita tak suka pada orang tu..
kita tetap sayang pada dia.. dan tidaklah pulak dengan segala benda yang kita tak suka pada dia tu mengurangkan kasih sayang kita pada dia..
segala buruk perangai, segala benda yang menyakitkan hati..
semua tu takde hal lah..
memanglah tak suka, kita manusia...
maksud saya, itu bukan sebab untuk berhenti menyayangi..
sebab bila sayang, kita menerima seseorang itu seadanya dia..
fizikalnya, perangainya, attitudenya, bad behavioursnya..
segalanya tentang dia..

rasa sayang itu kekal sampai bila-bila..
and in my case, bukan seorang.. haha
sebab sayang is sayang! faham?

yang palig penting, bila kita sayangkan seseorang, hari-hari kita doakan dia..
kata sayang kan?
mestilah kita nak orang yang kita sayang baik-baik aja...

cinta? ada sayang yang menjadi cinta..
ada sayang yang terus menjadi sayang...

cinta itu kompleks sebab..
pada saya cinta itu apabila ia adalah antara dua pihak yang menyayangi satu sama lain..
cinta itu melengkapkan dua pihak..
cinta itu bila saat dua pihak bersama tanpa berbuat apa-apa, even bercakap pun..
tapi itulah saat paling bahagia dua pihak tersebut..
cinta itu bila kedua pihak bukan sekadar menyayangi,
tapi saling menghargai keberadaan masing-masing..
bila satu pihak tak ada, satu pihak lagi akan terasa ketiadaannya..
cinta itu bila kata-kata sudah tidak perlu untuk masing-masing mengetahui apa dalam hati masing-masing..

saya beruntung kerana dicintai oleh kuma-chan sehingga akhir hayatnya..
jadi buat masa ni.. saya pulangkan cinta saya kepada Allah Ta'ala..

sesungguhnya Allah Ta'ala jualah yang memiliki saya, hati saya, kuma-chan, dia, dan hati dia..




Tak.. aku tak marah..

marah tu satu perkataan yang kuat...

kadang-kadang aku wonder.. aku pernah ke marah dalam erti sebenarnya?

most of the time aku cuma sakit hati.. terasa hati.. memendam perasaan...

mungkin aku lebih marahkan diri aku kot..

sebab kadang-kadang terlukakan perasaan orang..

tersilap cakap.. tersalah faham...

mungkin juga orang salah faham.. ingatkan aku marah..

walhal pada hakikatnya aku cuma meluahkan frustations..

tak lebih dari itu..

aku minta maaf..

Thursday, August 6, 2015

to kill time..

yes! I'm writing this post to kill time..

office hours are done.. and I am not in the mood to do work stuff.. though usually I'll still be going through paperworks and systems testing reports from my team.. but today I'm not!

I'm having a serious case of running nose.. my nose won't stop running unless I lie down and its driving me crazy because I cannot take my nose off!!

I can't go back either because driving at this minute will result in me stuck in the car for over one hour to reach home.. imagine that with a running nose!!

Yesterday was the Ministry's makan-makan raya.. our Department was making rojak buah, and our division was given the task to prepare the pineapples... I've never had the experience to prepare pineapples before so I was really really really looking forward to prep them, I even brought my best kitchen knife and apron the day before.. poyo giller haha~!

Though I readied myself earlier yesterday, my shawl (raya kan? mestila nak pakai baju raya!) caused me some problems and I was still late to the office.. huhh.. memang dewi lambat sungguh laa.. semangat gila sarung apron (baju raya, mind you..) dengan pisau ke hulu ke hilir kat ofis.. hohoho

And so we started peeling the pineapples.. cut both ends, then cut the skin off from top to bottom.. kalau malas buang mata style utara, potong je sampai tak nampak mata.. at first that was the plan.. but seeing the pineapples makin lama makin kurus (mine especially..) I tried buang mata style utara tu.. hihihi.. it was fun, but took time a bit.. we cut up about 15 pineapples yesterday..

Come the makan-makan event, actually I didn't really favour the event despite there were a lot of artis jemputan (Najwa Latif, Hail Amir, Uji Rashid, dan banyak lagi..), it was held in Dataran Gemilang, under the hot sun (the most probable cause I'm feverish today..) and too much people queueing for food and not much place to sit and eat properly.. by the time we got down, some of the food are already finished, all in all dapatlah makan 2 ulas durian (wajib!), char kuey teow, rojak buah.. and I got the last grilled lamb ribs from the Bomba guys (thanks!!) finished it up with a melting chocolate ice cream cone... tapi lamb ribs tu tak makan kat situ pun.. bawa naik sebab nak buruk lantak..

Actually we went up early since we're having a meeting with MD Maran for the launching of one of our projects.. the meeting ended at 6.30 pm.. and I continued with my work for that day till 9.00pm.. when I remembered I have another meeting to attend at JPM the next day (today) and prepared all the documents....

An excuse to not go to the office early in the morning.... :P

Unfortunately I was not prepared to sleep the night.. cause the next morning at 5 a.m I find myself  in front of the TV beside the durian.. (siang malam durian.. tido pun dengan durian.. huhh).. and I was shivering from the cold night... jangan tanyalah tido pukul berapa.. seriously, I don't know how to answer that question, almost every day..

Climbed to the bed and woke up later with a heavy head at 7.30.. yikes! lambat ler masuk meeting...

Memang lambat pun! masuk kereta je the nose start running already... redah jem lagi... cari parking lagi.. adalah lambat 10 minit.. the meeting already commenced when I arrived.. at first tahan lapar je tengok kuih lapis dengan sardine roll atas meja depan mata tu.. in case ada benda nak mencelah.. plus, nobody else were eating at that time.. come 10.00 am tak tahan dah.. already said my part and I just need to have a nice hot tea down my throat.. plus the running nose already consuming my last ration of tissue in my handbag..

Just when I gobbled up the last bite of the sardine roll.. tetiba pengerusi Dato' Seri: Ok, KPKT, how many PBTs are there? how many are using...... nasib baiklah figures tu semua dalam kepala je.. cuma challenge at the moment, is how to say it with my mouth full..

Syukur, I was born with pockets in my cheeks.. so I put all the food in my mouth into the pocket and answered as if I wasn't eating... hahaha! (mesti orang sebelah nampak kembung je pipi... :P)

People always tease me about my cheeks.. they would ask how do I keep my cheeks so round? now I know exactly how to answer...

'Saya simpan kuih dalam pipi saya.. macam-macam ada.. kuih apa nak?'
I keep food in my cheeks.. want some?

Once, when I was doing Umrah in Madinah, an Arab lady stopped in front of me just to pinch my cheeks..after that she was gone.. leaving me like.. what??  boleh??? and I was not a small girl then, I was a fully grown 29 years old adult..

okay.. I think now is quite the right time for me to go back..need to drop a friend at the Putrajaya Sentral before I can get home.. I'm already feverish, hoping to get some rest tonight..

until the next post~!