存档在 2015年7月

怎样为StartSSL免费ssl证书续期1年

2015年7月23日

参考:《怎样申请StartSSL免费ssl证书》
参考:《怎样在CentOS安装StartSSL免费SSL证书》
参考:《怎样让Apache实现一个独立IP安装多个SSL证书》

StartSSL的免费ssl证书有一年的有效期(包括登录StartSSL的用户登录证书和域名ssl证书)。

续期步骤为:
1. 更新用户登录证书
2. 更新域名ssl证书

在用户证书过期前两星期注册邮箱会收到类似提示邮件:

This mail is intended for the person who owns a digital certificate issued by the StartSSL Certification Authority (http://www.startssl.com/).
The Class 1, client certificate for xxx@xxx.com and serial number xxxxxx (xxxxx) is about to expire in about two weeks. Please log into the StartSSL Control Panel at https://www.startssl.com/?app=12 and get a new certificate for this purpose. Failing to update your client certificate might result in the loss of your account.
Should you have lost the client certificate which was previously issued to you, please register once again – login without the client certificate installed into your browser will not work in that case.

1. 浏览器访问https://www.startssl.com/?app=12,如果用户证书已过期只能重新注册一个帐号了。

2. 点击Validations Wizard,选择Enter Email Address。

3. 输入email地址,点击Continue。

4. 检查邮箱输入验证码

Complete Validation
A verification code has been sent to “xxx@xxx.com”.
Please check your email account now and enter the code into the text field below.

输入验证码,点击Continue。

5. 邮箱验证成功

Validation Success
You have successfully authenticated mail account “xxx@xxx.com”.
You will be able to use this verification for the next 30 days, after which it expires and must be renewed.

点击Finish。

6. 点击Certificates Wizard,选择S/MIME and Authentication Certificate生成登录的证书。

7. 选择要安装的邮箱

8. 安装成功

Congratulations!
Your S/MIME client certificate is installed in your browser.
Backup this certificate to an external media. You may import this certificate to your mail client.

点击Finish。

9. 备份用户证书

firefox:工具-选项-高级-查看证书-您的证书,下面就有需要备份的证书。可以看到证书的有效期增加了一年(从安装成功之日起)。

10. 随后更新域名ssl证书

过程和全新申请一样。相同的域名要等原证书过期后才能再次申请ssl证书。

在证书过期前两星期也会收到提示邮件:

This mail is intended for the person who owns a digital certificate issued by the StartSSL Certification Authority (http://www.startssl.com/).
The Class 1, server certificate for p.live-in.org and serial number XXXXXX (XXXXX) is about to expire in about two weeks. Please log into the StartSSL Control Panel at https://www.startssl.com/?app=12 and get a new certificate for this purpose.

此时已经可以重新申请域名ssl证书了。

11. 验证完域名之后会提示:

Ready Processing Certificate
We have gathered enough information in order to sign your certificate now.
The common name of this certificate will be set to p.live-in.org.
The certificate will have the following host names supported:
Please click on Continue in order to process the certificate.

点击Continue。

12. 提示等待人工审核

Additional Check Required!
Warning You successfully finished the process for your certificate. However your certificate request has been marked for approval by our personnel. Please wait for a mail notification from us within the next 3 hours (the most). We might contact you for further questions or issue the certificate within that time. Thank you for your understanding!

参考资料:

怎样解决libiconv.so.2: cannot open shared object file

2015年7月14日

编译PHP时,会遇到错误如下:

    error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory
    make[1]: *** [install-pear-installer] 错误 127
    make: *** [install-pear] Error 2

find发现/usr/local/lib里面有库文件,但是/usr/lib里面没有

find / -name libiconv.so.2
/usr/local/lib/libiconv.so.2

于是用软链接:

ln -s /usr/local/lib/libiconv.so.2 /usr/lib/libiconv.so.2

之后

make clean

再编译 生成 安装,一切正常。

使用此方法的时候需要考虑到在configure时的支持选项–with-iconv-dir=/usr/local,所以创建连接这方式可能是无效的

解决方法是将/usr/local/lib路径添加到/etc/ld.so.conf文件中,然后用ldconfig命令加载,再重新输入make install命令就可以了

1.在/etc/ld.so.conf中加一行/usr/local/lib,

include ld.so.conf.d/*.conf
/usr/local/lib

2.然后运行

/sbin/ldconfig

怎样解决VPS安装LAMP后IP无法访问

2015年7月14日

出现问题:IP无法访问
解决方法:关闭防火墙试试

service iptables stop

WordPress技巧:设置权限自动升级

2015年7月13日

WordPress内核升级、插件升级、语言包升级、模板升级…如果手工来处理,着实费事。尤其是运营多个不同配置的WordPress站点的时候。

还好,WordPress有自动升级机制,但是在Linux服务器上,需要适当的配置才能实现。Windows服务器我没测试,估计可以省略一些步骤。

1. 在 /wp-config.php 的末尾,加上以下代码。这样在后台升级插件时,不会要输入FTP信息。

define('FS_METHOD', 'direct');
define('FS_CHMOD_DIR', 0777);
define('FS_CHMOD_FILE', 0777);

2. 升级时提示无法创建文件夹

确保 /wp-content/update 这个目录存在,这里将缓存下载的更新程序包。

A. 如果没,手工创建一个。为这个目录及其子目录和文件设置 777 权限。
B. 设置 /wp-content/ 为777 ,系统将自己创建update目录,为这个目录及其子目录和文件设置 777 权限。

确认需要 自动升级哪些项目,为这个目录及其子目录和文件设置 777 权限。

包括:

  • 所有插件 /wp-content/plugins 为这个目录及其子目录和文件设置 777 权限
  • 所有模板 /wp-content/themes 为这个目录及其子目录和文件设置 777 权限
  • 所有语言 /wp-content/languages 为这个目录及其子目录和文件设置 777 权限
  • 如果想升级整个WordPress内核,需要对整个安装目录及其子目录和文件设置 777 权限

怎样编译安装GIT

2015年7月13日

Git版本控制程序非常优秀的好用,以下教程说明怎样使用YUM迅速升级GIT。

环境:Centos 6.5 64位 + Git1.7.1

1. 安装必要的工具包

yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel
yum install gcc perl-ExtUtils-MakeMaker

2. 卸载Centos自带的git1.7.1

查看系统带的版本,Cento6.5应该自带的是git版本是1.7.1:

git --version

输出:

git version 1.7.1

先卸载已存在的GIT:

yum remove git

再安装最新的GIT,并将git添加到环境变量中

下载git最新版本(https://www.kernel.org/pub/software/scm/git/

cd /usr/src
wget https://www.kernel.org/pub/software/scm/git/git-2.4.5.tar.xz
tar xzf git-2.4.5.tar.gz
cd git-2.4.5
make prefix=/usr/local/git all
make prefix=/usr/local/git install
echo "export PATH=$PATH:/usr/local/git/bin" >> /etc/bashrc
source /etc/bashrc

再次查看版本号:

git --version

输出:

git version 2.4.5