Centralizing Certificate Management of LetsEncrypt with a Raspberry PI

Lets Encrypt is a new Certificate Authority (CA), run for the public’s benefit by the Internet Security Research Group (ISRG). At the time of writing it’s currently in Beta and is due to go public in December 2015.

Update: Lets Encrypt went into public -beta on December 3 2015. I have updated this article with the minor change needed to work with the live servers.

Now in the default mode, the standard Lets Encrypt client (it’s not the only one) can manage this automatically – however it’s not ideal if you have more than one server.

What I describe here is how to centralize managing certificate registration (& later renewal) on a central machine. When a certificate is then registered or renewed we can then copy the certs to the remote servers.

Continue reading “Centralizing Certificate Management of LetsEncrypt with a Raspberry PI”

Installing Java 7 on Debian Squeeze

For all of my servers I use Debian, however that distribution has a few problems, mainly the packages can be a bit behind the cutting edge.

Now this is usually a good thing if you are looking for stability – cutting edge software can have issues, especially from new features etc, so for a live environment you want something thats stable.

However, there does come a time when this can bite back. You either need a feature thats not in the standard repositories or in this case the version is now unsupported.

In Debian Squeeze it has Java 6 – but that was EOL’d a couple of months ago so is no longer supported by Oracle. The current version is Java 7 update 17.

So how do we get Java 7 installed?

Well it’s pretty easy to do, we just need to add another repository into apt and install it.

First the repository:

sudo su -
echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EEA14886
apt-get update
exit

What that does is to install the ubuntu ppa repository into apt, setup the public keys and then load the package lists.

Next we need to install it:

sudo apt-get install oracle-java7-installer

This will now download Oracle Java 7 and present you with a couple of screens about licensing. Just ok and accept it and it will now install.

That’s it. You now have Java 7 installed – but it’s not the default JDK (if you already had Java 6 installed). If you want it to be the default then there’s just one more thing to do:

sudo apt-get install oracle-java7-set-default

That’s a dummy package but it will make Java 7 the default on that machine. If you want to check then you can check:

peter@titan ~ $ java -version
java version "1.7.0_17"
Java(TM) SE Runtime Environment (build 1.7.0_17-b02)
Java HotSpot(TM) 64-Bit Server VM (build 23.7-b01, mixed mode)

The Grand Unboxing of the Raspberry PI

Finally after waiting for months my Raspberry PI finally arrived:

The unopened box containing the Raspberry PI.

When you open the box & get it out you then realize how tiny the thing is:

The PI out of its box & sitting on the trackpad of my MacBook Pro as a guide on how small the device is

Now when I ordered this I also ordered a PSU (normal micro-USB) and a 4Gb SD card. The other required items like HDMI & USB keyboard/mouse I already had, so the next thing was to download Debian & install it on the sd card.

I followed the instructions on elinux.org as I couldn’t get RasPiWrite to run but then it was a simple task. It will take a while to copy to the card.

Once done plug everything in and start it up. At first you’ll see it boot & it’s pretty quick. Once you get the login prompt login and type startx. You’ll then get the desktop.

The initial desktop

There’s a simple browser provided which works to a point – some things don’t work but it’s early days.

3 browser windows open on the PI

There’s only one thing that’s not right is that the screen doesn’t fit the monitor – but then I blame the monitor than the PI – it’s a cheap TV/DVD from Asda which I know has an odd resolution (1400×900) & the PI is detecting it with a higher resolution, but other than that, initial use shows it’s working pretty well.